State Management :: Sharing Cookies Between Domain / Sub Domain?
Jul 28, 2010
I have a main domain "mydomain.com" and then a sub domain "forums.mydomain.com". If a user visits "forums.mydomain.com" without being logged in, they are redirected to "mydomain.com/login.aspx".
The two scenarios are:
If they are redirected to the login page with "mydomain.com/login.aspx?ReturnUrl=http://forums.mydomain.com", then they are succesfully logged into the forums but NOT the main site.
If they are simply redirected to the login page with "mydomain.com/login.aspx" with no returnUrl, they are correctly logged into both the main site and the forums.
I have 2 applications App1 and App2 on same domain, both with Forms authentication, each using a different database instance for authentication.
First, I open a browser with application www.mydomain.com/App1 and log on.
After that, when I open another instance of the same browser with application www.mydomain.com/App2 and log on, first browser loses session and goes back to login page.
I need each application on same domain to have its own session so that both can stay logged on.
In my website I am maintaining cookies for the login so that if I open the browser again then no need to login again.
But when I am switching browser(from ie to ff or viceversa) then the cookies are lost and the user is not identified, I want to maintain them in this scenario also.
I have multiple sites with main and subdomain. all doing one same method for the login. login is done with the multi domain cookie but there is problem with the logout. I'm using cookie and session for that state.
When ever I logout form the any domain. I should logout form the all domain.
(Like yahoo or google)
As per my method , My all domain have logout page which has code
[Code]....
and main site(www.domain.com) have [Code]....
So what can I change in this code to do the Logout process for the all subdomains.
Here is what I want to do: I have a local site in which I want to display data from a remote site Lets say: I want to display data of http://www.abc.com/Default.aspx on my localhost
Now Default.aspx requires some post-data which it sends to itself. Thus the __viewstate and __eventvalidation are posted back to it by itself. I want to directly post the data to Default.aspx from localhost without opening Default.aspx and display the Default.aspx's response on my localhost.
The WebApp on http://www.abc.com is configured for __eventvalidation i.e. I cannot post-data to it from my localhost without getting a __viewstate from it. I also have to post the current __viewstate of http://www.abc.com/Default.aspx to itself
I have built a website and now the customer wants to split it between three different domains. What is the best way to do this? This is what I have so far.
c:/website1/ points to www.website1.com c:/website1/vd1/ points to www.website2.com c:/website1/vd2/ points to www.website3.com
The webhost I'm working with has done it the following way, but now I'm getting a bunch of errors that seems like it's not seeing the App_code folder. Do I need to make a lot of changes? How does this affect the location references?
My MVC ASP.NET web application is split up like this:
Web Application Layer Views
[Code]....
Now, I have a view in the database called "EquipmentWithCableDetails", which contains additional useful information with the equipment details - so I create a class to model that view (in order to be able to read from it). In the code I have that works with that new class, I want to display the EquipmentDescription - but that property only exists on the Equipment class.
m using visual studio 2008.my requirement is to implement single sign on across many domains without using cookies. is this possible?for example, i have 3 domains (hosted in 3 different systems).[URL]i implemented single sign on with cookies, if the sites are hosted in single system then it is working. but it doesnt work if cookies are disabled.i tried all made all possible google searches, but couldnt find anything useful.
I have a Single Sign-on solution which is working great in our test environment. It uses Cross-Sub-Domain cookies to share the authentication ticket between 2 web applications. Sign-on is done only on one of the applications and on the second site the user is authenticated by the cookie created by the first site.The problem is that when I roll it into the production environment the single sign-on no longer works. I'm looking for any ideas on why this might be. More details below:1) Both apps are implemented using ASP.NET MVC2
I'm building a greasemonkey script to make posting to craigslist a lot easier for our clients.
Basically the flow is this:
User logs into our system (established authentication cookies with asp.net)User navigates to a section on our site called "CraigsList". If they have the greasemonkey script installed it automatically opens up craigslist in a new tab.
The greasemonkey script then does a request back to our site at [URL] to retrieve a list of available items to be posted to craigslist.
This is where it fails because the request to [URL] is not including any of the authentication cookies. I'm not sure if it doesn't include the cookies because the request originates from [URL] and not [URL] or what. I know it's an authentication issue because looking at it in fiddler it returns a 302 and redirects to the login page.
I have integrated Third party advertise module in my website. their domain s "http://rotator.adjuggler.com/".they read cookie from this domain and display advertise based on cookies value. now I want to set cookies on this domain from my website.though this is not possible. they have provided url to set cookies.http://rotator.adjuggler.com/servlet/cookie?action=set&name=test&value=1&maxage=2592000we can set cookies on their doemain by calling above ur.Problem:1) we can't make xmlHttp request because this is cross-doamin link.2) we can't use jquery because it uses xmlHttp as native implementation.3) i have tried to set above url in <img src="..." > and <script src="...">. both not working.but when i paste above url in address bar it works.can anybody have idea how to call above url from Code.
My feeling says it's not posible but anyway I am curious if there is at least a workaround for accomplish this.Basically I am working at my client site and my machine is not connected to the domain.What I want to do is running a web application locally under a domain account, and using the webdev server.The webapp uses the default authentication, windows authentication that is.I tried using impersonation with domainuser & password but I got the following error Could not create Windows user token from the credentials specified in the config file. Error from the operating system 'Logon failure: unknown user name or bad password.I have to mention that the username and the password are correct.
We have a ASP.NET site that partially depends on forms authentication for login credentials, however the implementation of IPrincipal is completely custom.
But, when running the site on a particular server (which is somewhat semi-hardened when it comes to security), the app crashes when invoking IPrincipal.IsInRole() with the following messsage:
System.SystemException: The trust relationship between the primary domain and the trusted domain failed.
This indicates a communication error between the web-server and the DC, however since our application doesn't at all utilizes Windows authentication, I don't see why it needs to communicate with the DC.
This is my implementation:
[code]...
EDIT:
I was finally enable to reproduce this error on my dev-machine (i revoked my machine from the DC yesterday, but didn't reproduce it until today)
HttpContext.User is actually a WindowsPrincipal by default it seems, and the error in my code was that I only replace it with CustomPrincipal upon login. Hence, unathenticated users still get the WindowsPrincipal which then fails horribly if you have trust issues on your AD.
I tried changing the default principal by invoking this on appstart
Im returning the username from sharepoint site as a string. This is done successfully with the below code but I also get the domain with it. How can I only return the username and not the domain either through sharepoint or programmatically removing it? domain/username
My feeling says it's not posible but anyway I am curious if there is at least a workaround for accomplish this.Basically I am working at my client site and my machine is not connected to the domain.What I want to do is running a web application locally under a domain account, and using the webdev server.The webapp uses the default authentication, windows authentication that is.I tried using impersonation with domainuser & password but I got the following error Could not create Windows user token from the credentials specified in the config file. Error from the operating system 'Logon failure: unknown user name or bad password.I have to mention that the username and the password are correct.
I have two domain servers X and Y.My Asp.net Web application is hosted on Domain X.But my scope is required to authorize the user of Domain Y on the Web application hosted on Domain X server.I am using Windows Authetication mode in application
I have a domain: http://www.mydomain.com. This domain is redirected to http://mydomain.anotherDomain.com.
I user forms authorization, so when the user navigates to Default.aspx he is redirected to Login.aspx. Pretty standard stuff.
On FireFox the user can log in on both on http://www.mydomain.com and http://mydomain.anotherDomain.com.
But with Explorer http://www.mydomain.com doesn't work. I only get the Login.aspx page.
Can it have anything to do with that on http://www.mydomain.com I can't see the filename ('Default.aspx', 'Login.aspx')? How can I enable so the filename is included in the redirected domain?
I have an intranet web application. There are 2 user groups, group A belongs to the domain and group B does not. If I set the IIS to enable anonymous access, Request.ServerVariables("LOGON_USER") always return nothing. If I disable anonymous access and set Integrated Windows authenication, a Windows login prompt will come up if group B's users want to access the website.
How can I setup IIS so that when domain user access the website, it will direct to the main page with Session("user_name") = Request.ServerVariables("LOGON_USER"). If a user is not a domain user, the website will direct him/her to a login.aspx instead of having the Windows authenication prompt, then set Session("user_name") = txtUserName.Text, and finally redirect to the website main page ?
We have a website for our company on one domain and we have a login form to a webmail solution on another domain.Now i would like to build a form on our website the transfers the request to the login form on the webmail domain and automatically validate the user if user and pass are correct.Need help to find the correct way of doing this. The domains is hosted by our company, the website and webmail is on different servers. I don't want to use the querystring,
The following code works as it was originally designed to move a file from one directory to another directory on the same server, but I need to change it to work so it will move a file from one server to another server. My challenge is how to define the source directory on a different server and check if file exists.
Code behind:
Protected Sub btnSubmit_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles btnSubmit.Click
