Professional Web Applications Themes

What is the best way to pass a user identity between serveral ASP.NET web sites? - ASP.NET General

We have several intranet ASP.NET web sites. Users log on to the sites by using form authentication and custom security (user names and passwords are stored in the database). If a user logs on to the first site and from within this site is redirected to another one, we would like to pass its security information along, so the user doesn't need to log on again. I am thinking of making a gateway page that will have two url parameters, user id and the url of the next page: gateway.aspx?userId=123&nextPageUrl="somePage.aspx " Is this the only way to achieve that? Thanks, ...

  1. #1

    Default What is the best way to pass a user identity between serveral ASP.NET web sites?

    We have several intranet ASP.NET web sites. Users log on to the sites by
    using form authentication and custom security (user names and passwords are
    stored in the database).

    If a user logs on to the first site and from within this site is redirected
    to another one, we would like to pass its security information along, so the
    user doesn't need to log on again.

    I am thinking of making a gateway page that will have two url parameters,
    user id and the url of the next page:

    gateway.aspx?userId=123&nextPageUrl="somePage.aspx "

    Is this the only way to achieve that?

    Thanks,

    -Stan


    Stan Guest

  2. #2

    Default Re: What is the best way to pass a user identity between serveral ASP.NET web sites?

    "Stan" <com> wrote in message
    news:%phx.gbl... 
    are 
    redirected 
    the 

    Stan,

    You can continue using Forms Authentication on all the sites. Just use the
    same cookie name for all sites, and a compatible domain name. For instance,
    if your sites are http://a.b.company.com, http://b.b.company.com and
    http://x.company.com, then you'll need to use "company.com" as the domain
    for the cookie so that it will be sent to all three sites.

    If the sites are on separate machines, you'll need to have the same
    <machineKey> on all sites, either in the web.config of each site, or in the
    machine.config of each machine.

    Of course, this also means that if you use UserData on any site, that it
    will have to be compatible with all of the other sites. For instance, if one
    site puts a role list into UserData, you'll want all the sites to respect
    that list, or at worst, to ignore it.

    A common set of classes to implement this can be developed and then used on
    each site. If you make the interface easy enough, you may not experience
    much resistance in getting this implemented on all sites.

    Good Luck,
    John Saunders
    Internet Engineer
    com


    John Guest

  3. #3

    Default Re: What is the best way to pass a user identity between serveral ASP.NET web sites?

    Why not just use a database?




    "John Saunders" <com> wrote in message
    news:phx.gbl... 
    > are 
    > redirected 
    > the [/ref]
    parameters, 
    >
    > Stan,
    >
    > You can continue using Forms Authentication on all the sites. Just use the
    > same cookie name for all sites, and a compatible domain name. For[/ref]
    instance, 
    the 
    one 
    on 


    Jason Guest

  4. #4

    Default Re: What is the best way to pass a user identity between serveral ASP.NET web sites?

    "Jason (MFT1)" <pls> wrote in message
    news:%phx.gbl... 

    Use a database and ... what?
    --
    John Saunders
    Internet Engineer
    com


    John Guest

  5. #5

    Default Re: What is the best way to pass a user identity between serveral ASP.NET web sites?

    Sorry I thought it was self evident....Silly me.

    Well you can save your user identity info to the database and access the
    info from each web application.

    Heck, it's not brain surgery man.


    LOL



    "John Saunders" <com> wrote in message
    news:phx.gbl... 
    >
    > Use a database and ... what?
    > --
    > John Saunders
    > Internet Engineer
    > com
    >
    >[/ref]


    Jason Guest

  6. #6

    Default Re: What is the best way to pass a user identity between serveral ASP.NET web sites?

    "Jason (MFT1)" <pls> wrote in message
    news:%phx.gbl... 

    I don't know if you're serious or not.

    He's talking about passing the identity of a user who has logged in to one
    application from one application to another. Regardless of where details are
    stored, the identity has to be passed.
    --
    John Saunders
    Internet Engineer
    com


    John Guest

  7. #7

    Default Re: What is the best way to pass a user identity between serveral ASP.NET web sites?

    "Stan" <com> wrote in message
    news:phx.gbl... 

    No. Session cookies do not expire when you go to another site. Certainly not
    another site within the same domain.
    --
    John Saunders
    Internet Engineer
    com


    John Guest

Similar Threads

  1. Replies: 5
    Last Post: November 8th, 05:25 PM
  2. *** User.Identity.Name
    By Ian in forum ASP.NET Security
    Replies: 1
    Last Post: April 13th, 01:21 PM
  3. Identity of the Caller Between two Web Sites
    By Sandeep Alur in forum ASP.NET General
    Replies: 0
    Last Post: July 10th, 05:24 AM
  4. Pass-thru authentication between 2 or more sites
    By Oleg Ogurok in forum ASP.NET General
    Replies: 0
    Last Post: June 26th, 09:01 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139