Multiple Applications On A Single Site - Session And Forms Authentication Scope?
Mar 7, 2011
We're using ASP.NET and IIS 6.0. I realise that the definitions of applications, websites and virtual directories are ill-defined in IIS 6, and changed a lot in IIS 7. However, I'm stuck with IIS 6.0 for now.
We have a single web site defined in IIS, and a number of separate sub-sites in Virtual Directories.
The scheme looks like this:-
[URL]
[URL]
site1, site2, ... are virtual directories in IIS 6.0, under the "Default Web Site".
I need to use ASP.NET sessions and forms authentication in most of these sites, and I don't want them to share authentication data or session information at all.
Both the mechanisms currently depend on cookies. However, the cookies created by default use the same name, and have a path of "/" in the browser, meaning the sites' cookies will clash with each other.
Without changing the default name for each cookie, how can I enforce separation between my sub-sites? Do I need to change the virtual directories for IIS 6 "Applications"? Or is there some way in code to enforce a more limited scope for the cookies?
View 1 Replies
Similar Messages:
Nov 10, 2010
I have three asp.net web applications
,Second and Third applications are accessed throught the first,So Authentication (form authentication) is happening from the first application only , all are deployed on same IIS with seperate virtual directory
Like
1.Localhost/EmpMananger
1. Localhost/Hr
2.Localhost/Payroll
, I used the same Entires in both <machineKey> and
<forms> Elements in webconfig file of all applications,
Applications are working fine and Page.User.Identity are available in all applications but once loginUrl and defaultUrl entry is changed to actual name other than localhost
Eg: localhost/EmpManager/default.aspx To myserver/EmpManger/default.aspx
the authentication ticket is not available in second and third applicaiton
View 4 Replies
Apr 22, 2010
i have two applications hosted on two different domains and both use a single login info so my question is how can i use / share same session across two application.
View 8 Replies
Feb 17, 2011
We are having a project which is for various online application systems for an educational institute. (Asp.Net 2.0 Web Site)
initially we developed all applications in single project with proper folder structure. but now we want to make each application as separate product.
all applications share single authentication(Obviusly this is single project) want to keep that way only.
I want to split project in smaller projects but want to keep shared authentication so how should i orgnise this project in IDE.
Also i need guidence on hosting such project
i should make small projects within single solution file. and at the time of publish amke single virtual directory to host the root project(login.aspx etc) and in subdirectories i should host other projects. so this way SSO(single sign on) across applications is possible ..
View 2 Replies
Aug 13, 2010
Is it possible to share the claims based authentication of a logged in Sharepoint 2010 user with a separate Asp.net application?
The following article describes how it was done using Sharepoint 2007 and forms authentication through forms auth and sharing machine keys etc however I cannot find any information regarding the external application consuming the claims authentication that is now used in Sharepoint 2010?
View 2 Replies
Oct 26, 2010
how to structure our intranet. The way it's going right now is, that I'll create a web application that usually contains just a single web page and then deploy it. I'm using the file system deployment to deploy to a test server.
The file structure on this test server is something like "\serverwebintranetwebapplicationsAPP_NAME". I would create a folder on the server with whatever name to replace "APP_NAME" and then deploy into that folder. Everything deploys fine and is structured fine, none of the pages will load.
When try to load the page you get an error like: Could not load type 'WebInterface._Default'. The dll containing that code is definitely there. Inside the "APP_NAME" folder is the bin folder, config file, and the (usually) single aspx page. So for some reason, the web page can't find the dll files.
View 6 Replies
Jul 9, 2010
I have two identical applications setup on IIS on different virtual directories (I have done some workaround to ensure that they both have the same application name). Is there a way to share session id across two asp.net web applications?
Since I'm storing the session in StateServer, they should both be getting the same session data, however, a different session id is created everytime I go from application a to applicatino b. Wouldn't this happen in a load balancing scenario as well? Where when I go to www.test.com, it would redirect that request to server a, and then if I hit it again, it would go to server b, but since it's a different web application, it would create a new session id?
View 3 Replies
Jan 25, 2011
i want to have several domains A, B, C where a user can enter his username and password to login to a common main domain D.
So the user goes to A, B or C, enters his username and password, clicks the "login" button, and is then on the main domain D in a logged in/authenticated state. Then the user does the things he wants to do, and then clicks the logout-button and is then returned to the original domain that he came from, be it A, B or C.
What is the best way to do this?
I currently use forms authentication in ASP.NET 4.0 (C#).
View 1 Replies
May 1, 2010
I'm working on a new project and I would like to use forms authentication to protect the necessary pages. The project is going to be focused on companies where a company would create an account and have multiple users. Each company should have its own data and should not be able to see other companies' data. What would be the best way to go about this? I've considered using a subdomain for each company which would tell the application which membership provider to use. I've also considered using an additional credential such as company ID to specify which company the user is logging into.
View 7 Replies
Nov 8, 2010
We are upgrading the asp.net 2.0 web application to asp.net 4.0. The application contain three main modules (sub application) like End User, Franchise and Admin with separate web.config, asp.net form Authentication, login page and running with single domain. the URL like,mydomain.com/login.aspxmydomain.com/franchise/login.aspxmydomain.com/admin/login.aspx In asp.net 2.0, working fine with 3 sub applications with separate form authentication under a single domain name and also we can working with all threes in same time. After the up gradation process (ASP.NET 2.0 to 4.0),We didn't run all three applications in same times and also form authentication crossed.
View 2 Replies
Dec 7, 2010
I maintain a college website. I also create various small web apps for the college (staff directory, online credit schedules, etc.). Currently, I have been using VS2010 and clicked on File - New Web Site - ASP.NET Empty Web Site for the main college website and File - New Web Site - ASP.NET Dynamic Data Entities Web Site for each of my apps.
Each is in its own separate directory in my development environment. The main site is "published" via VS2010's Copy Web Site tool in the Solution Explorer. The individual web apps are copied into unique physical directories on the Web server, and then via IIS7 Manager, a virtual directory is created on the college's web site for each app.
I have now run into a situation where I would like to create a new web app that utilizes some of the images and master pages from the college's web site. How do I create a New Web Site in VS2010 that can see/recognize/access the files from another web site? Namely, the college's main web site.
View 4 Replies
Jul 29, 2010
We have an MVC.NET application that encounters fatal errors when it restarts. In our Session_Start event handler, we add the session id to a dictionary. In the Session_End handler, we remove it. Consider the following sequence of requests:
GET home.mvc
<application restarts>
GET main.css
GET banner.jpg
GET somedata.mvc
...
Because of the way the application is architected, this sort of sequence happens fairly frequently if you do a rebuild while the application is open in a browser window. That wouldn't be terribly concerning except that I see it in production environments too. For example, it will occur (albeit rarely) when you edit web.config.
The requests following the restart are all due to links in the home page or AJAX calls from JavaScript.
What I observe is that .NET handles the first 5 requests in parallel. Each such request causes it to fire the Session_Start event. After a short time, it fires the Session_End event 3 times. To be clear, each Session_Start corresponds to the exact same session. They all have the same session id and the IsNewSession property is true for all session state objects. Also, the Session_End events do not correspond to the session being killed. The session persists, along with any data stored in session state.
I need to either prevent it from firing Session_Start more than once or figure out how to tell when Session_End doesn't really mean that the session has ended.
View 2 Replies
Apr 6, 2010
I want to use Context.Items to store some info of a User Control like:
Context.Items["Data"] = 5;
I want to know, Is Context.Items is for each request or it is global for the application?
View 1 Replies
Feb 24, 2011
Quick question: Is there a "per-user" data storage object (similar to Session) that I can store data in the global scope (similar to HttpRuntime.Cache)? Almost as if Session and HttpRuntime.Cache had a baby.
Full Background: I have a ASP.NET website that was originally written for a single thread. Now I changed it so that certain actions will spawn a background thread and the browser polls a service to get status updates.
The problem I am having with this is that certain pieces of data are stored into the HttpContext.Session[] object (membership authentication token, for example). These pieces of data need to be unique to each user and accessible to the background thread. Session is not available to the background thread.
I am aware of HttpRuntime.Cache but that would require micromanagement to segment out the users and to expire it at the same time the session is expired. Session, on the other hand, automatically expires this things at the right times that I want it too and is already used by things like the SqlMembershipProvider.
My question is, is there something that behaves similar to the Session but exists in the global scope?
View 3 Replies
Aug 24, 2010
I want to store employee name,designation and department in session variable and retrieve in another page how to do this.
View 2 Replies
Jun 16, 2010
I want to initiate a class for each user at the start of the user's session so that a single class can be used throughout the user's session. I checked out this post but I'm not sure where I should be placing this Sessionhandler class. Inside global.asax? How do I go about accomplishing this?
View 2 Replies
Feb 15, 2011
First of all, I am creating a something like a client/server solution using a standard ASP.NET website - I do know this method is not adviced, and most people would love to scream "COMET!" or "HTML5 Sockets!" - but please don't ;-) !
What I am doing...
I am creating an MMORPG on a website.
I have several clients whom need to be in contact at the same time. This is done by a global object in the Application scope.
My problem
I need to invoke an event to several clients. For instance, when an attack has been performed, I need to update some graphics. The attack logic is resolved in the global object, but each of the clients has to respond to this.
Right now I do the following:
fightTrace.Reciever.InvokeMoveEnded(this);
fightTrace.FiredBy.InvokeMoveEnded(this);
(This is a kind of observer pattern)
What now happends is a race condition. The one who loads the page_load event will get both of these events, and the one who is not running them, will experience no changes in the UI.
So what is it I really want?
What I really need is some genuine and nice way to create an observer pattern through the application state. I need to send an event out to every "listener" which is in this case is a client, and then do some update.
View 1 Replies
May 19, 2010
I have a stored procedure that returns 3 tables within the single recordset it returns. If I set a SqlDataSource to get data from this procedure, it works, but it only returns the first table. I want to have a GridView display the data from the 2nd or 3rd table using a SqlDataSource, but I can't figure out how to specify a particular table.
While there are some posts discussing this out there, I can't get a definitive answer about whether or not this is even possible (?). In a worst-case scenario, I can create another SP that only returns the 3rd table - but that creates a little maintenance headache that I would prefer to avoid.
View 4 Replies
Jan 14, 2011
I maintain a local government website and we have 3 developers and each one develops various web applications. Each web application has it's own directory structure under a folder called "Apps". There may also be another level of folders under the Apps folder. My trial approach at the moment is to have a folder called "Apps/Common/Master" which contain the MyMaster.master page. I have another folder called "Apps/Test/MasterTest" which I have setup a project to use the Master file in the Apps/Common/Master folder. I looked at some information about sharing Master Pages in the MSDN documentation and it mentioned creating a virtual directory and I tried creating a virtual directory "Apps/Test/Master" which points to "Apps/Common/Master" but from Visual Studio it doesn't show up and so when I try to reference the Master Page it can't find it.
My goal is to have a single Master page that we all use that we maintain in a single place and any changes to the single Master Page will be reflected in all of the applications that reference that master page. I don't want to copy the Master page to each project because then modifying the original master page won't update the copies.
View 4 Replies
May 14, 2012
I'm using a common <machineKey> to allow two ASP.Net applications to share a single forms authentication ticket (ie. only need to login to one application to access both). My problem is that I only want users in a particular role to have access to the second application. What's the best way to implement this?
I've tried checking the role in Application_AuthenticateRequest() and doing FormsAuthentication.SignOut() if the role doesn't match, but that doesn't get picked up until the second request to the application. I can't redirect from Application_AuthenticateRequest() because that would just create a redirect loop.
View 2 Replies
May 11, 2010
I have 2 almost identical asp.net (vb) applications. 1 Development and 1 Production.
They use forms authentication that is configured to run in SQL server. Both apps use the same aspnetdb database but have different application names.
The problem I have is:I have an Identical login for each app (same username, same password), but If I change profile information for that user in the development app, the changes are reflected in production app. This isn't what I want.
View 2 Replies
Jan 12, 2011
I have a .net 1.1 ASP application (domain.com) which has a .net 2 virtual directory (domain.com/v2) beneath it, both applications run within their own app pool on the same Windows Server 2003 machine running IIS 6. The web.config files for both apps are setup for Forms Authentication as described here - [URL]
Users would be directed to the domain.com/v2/login.aspx page which would authenticate for both applications, this configuration has been working fine for the last few years until installing one of the recent Windows 2003 security updates today. Now after authenticating under /v2 users keep getting redirected back to domain.com/v2/Login.aspx as domain.com doesnt see them as authenticated anymore.
which security update would have caused this and if its possible to fix or rollback?
View 4 Replies
Oct 29, 2010
I already have 2 web applications running. both of them are using membership and accessing the same database but their application names are different. so basically in my aspnet_Users table, i have users with different applicationIDs and in my aspnet_Applications table I have 2 records in there. so i have 2 separate login locations
..app1login.aspx
..app2login.aspx
What my the business wants is to only have a single point of entry. so they want something like this
..applogin.aspx
and by verifying the username and password pair, my code should be able to route to the appropriate app and bypass its login form. (don't be concerned about the duplicate username between applications, it's been taken cared of)
so I'd like to solicit suggestions from you how should I implement this without modifying my existing setup? and where should I place this login web form in my website? this is the current site structure:
www.site.com/app1
www.site.com/app2
View 6 Replies
Aug 30, 2010
to host two web applications in single application domain? For example two web applications web1 and web2 being hosted in single application domain.
View 3 Replies
Dec 20, 2010
i have two web aplications running on different sites.
1. site gets user information and show another website (2. site) in an i frame. but when i do this 2. site session starts again on every page.postback . if i connect to 2. site without 1. site everything works well.
View 5 Replies
