If you have app1.blah.com and app2.blah.com, it's very easy to do. Just set the domain and the name to the same value in the forms-section in web.config:
As other members have suggested, the most common ways for sharing authentication info across different sites are using cookie. By default, HTTP cookie support sharing between multiple sites that are under the same parent/base domain name. e.g.
these sites can share cookie stored at the root domain path naturally. While sharing cookie across different domain will require additional work on the sites that need to share cookie between each other. Here are some web reference:
Also, it is also possible to leverage some 3rd party centralized authentication service such as the Windows Live ID authentication for sharing authentication info acrossed multiple site/web applications.
I have a web application (C# - ASP.net) that needs to pass a user to another site(word press site) which is running on different server. I need to be able to pass a user creditentials to this server to allow users authenticated by my application to use word
press site without being prompted to enter credentials. it should be secure. for this situation can i share cookies(encrypted)?
It is important that whether the wordpress target site is also controlled by you(you can add code logic on it)? If not, I'm afraid that what we can do is quite limited. Sharing cookie between web sites (under different domain) is prohibited due to security
reason (for most mainstream browsers). And for such scenario, your web app and the wordpress web app need to define a custom authentication process for them to communicate with each other. Such as use querystring to pass some encrypted security token which
can be used for verify if the current user has been authenticated or not.
lak_2011
Member
316 Points
115 Posts
sharing authentication between two sites
Apr 19, 2012 08:56 PM|LINK
Hi
What is a best way to share authentication between a dotnet site and a word press site?
Thanks
Sparkers
Contributor
2086 Points
470 Posts
Re: sharing authentication between two sites
Apr 19, 2012 09:02 PM|LINK
An added benefit is that users can sign into either site and will still be authenticated if they go to the other one.
Steven Cheng...
Contributor
4219 Points
548 Posts
Microsoft
Moderator
Re: sharing authentication between two sites
Apr 23, 2012 07:51 AM|LINK
Hi lak_2011,
As other members have suggested, the most common ways for sharing authentication info across different sites are using cookie. By default, HTTP cookie support sharing between multiple sites that are under the same parent/base domain name. e.g.
abc.microsoft.com def.microsoft.com xyz.microsoft.com microsoft.com
these sites can share cookie stored at the root domain path naturally. While sharing cookie across different domain will require additional work on the sites that need to share cookie between each other. Here are some web reference:
#Sharing Cookies Across Domains
http://www.codeguru.com/csharp/csharp/cs_internet/article.php/c19417/Sharing-Cookies-Across-Domains.htm
#Forms Authentication Across Applications
http://msdn.microsoft.com/en-us/library/eb0zx8fc.aspx
Also, it is also possible to leverage some 3rd party centralized authentication service such as the Windows Live ID authentication for sharing authentication info acrossed multiple site/web applications.
#Windows Live ID Web Authentication SDK
http://msdn.microsoft.com/en-us/library/bb676633.aspx
Feedback to us
Microsoft One Code Framework
lak_2011
Member
316 Points
115 Posts
Re: sharing authentication between two sites
Apr 26, 2012 05:56 PM|LINK
Hi ,
Thanks for reply.
my situation is like this.
I have a web application (C# - ASP.net) that needs to pass a user to another site(word press site) which is running on different server. I need to be able to pass a user creditentials to this server to allow users authenticated by my application to use word press site without being prompted to enter credentials. it should be secure. for this situation can i share cookies(encrypted)?
Thanks
Steven Cheng...
Contributor
4219 Points
548 Posts
Microsoft
Moderator
Re: sharing authentication between two sites
Apr 27, 2012 02:22 AM|LINK
Hi lak_2011,
Thanks for followup.
It is important that whether the wordpress target site is also controlled by you(you can add code logic on it)? If not, I'm afraid that what we can do is quite limited. Sharing cookie between web sites (under different domain) is prohibited due to security reason (for most mainstream browsers). And for such scenario, your web app and the wordpress web app need to define a custom authentication process for them to communicate with each other. Such as use querystring to pass some encrypted security token which can be used for verify if the current user has been authenticated or not.
Feedback to us
Microsoft One Code Framework
lak_2011
Member
316 Points
115 Posts
Re: sharing authentication between two sites
Apr 27, 2012 01:45 PM|LINK
Hi Steven,
Thanks again.
I can add code on wordpress site.