4

How to do Forms Authentication Across Applications in asp.net mvc

Lets say that two websites www.xyz.com and www.abc.com.

I have to use same user credentials for both the sites. If i redirect one app to another then it wont ask to sign in.

Improve this question

2 Answers 2

Reset to default
6

If the applications are hosted on the same domain (for example http://foo.example.com and http://bar.example.com) you could perform Single Sign On by simply setting the domain property of the authentication cookie in your web.config and configuring the same machine keys. The scenario is detailed in this article.

For cross domain SSO, there's much more to be done as you cannot use cookies. So when passing from AppA to AppB you could send the authentication token value (POST or GET) and have AppB decrypt it and emit an authentication cookie on its own domain. Of course in order to decrypt it, both applications must have the same machine keys configured. The scenario is detailed in this article.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

2

how about implementing a single sign on service? such that when you log in, you call the service using AJAX and retrieve the user session token. you just pass the user session token to the other site so that you may validate it and use the same user.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.