Home/ Questions/Q 7584339
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-30T18:53:47+00:00

I have two sites which I use the same cookie for login which works

  • 0

I have two sites which I use the same cookie for login which works fine.

The issues that I’m having is that both sites are completely different looking in design and I would like one of the sites to handle the login functionality and the other simply to do a post of the username / password to the other and create the cookie in the backend.

I have this functioning but the issue is how do I notify the other site that the login has been successful or has failed without actually going to the other site to complete the login process?

I have created something like this which works fine but it is the question of how I should handled the post on the other website and what I should return as a response that puzzles me.

Any ideas or alternative solutions would a great help to me!

[HttpPost]
public ActionResult FormPost(LogOnModel model)
{
WebRequest request = WebRequest.Create(strServer);

            // Set the Method property of the request to POST.
            request.Method = "POST";
            // Create POST data and convert it to a byte array.
            byte[] byteArray = Encoding.UTF8.GetBytes("password=" + model.Password);
            // Set the ContentType property of the WebRequest.
            request.ContentType = "application/x-www-form-urlencoded";
            // Set the ContentLength property of the WebRequest.
            request.ContentLength = byteArray.Length;
            // Get the request stream.
            Stream dataStream = request.GetRequestStream();
            // Write the data to the request stream.
            dataStream.Write(byteArray, 0, byteArray.Length);
            // Close the Stream object.
            dataStream.Close();

            // Get the response.
            WebResponse response = request.GetResponse();
            // Get the stream containing content returned by the server.
            dataStream = response.GetResponseStream();
            // Open the stream using a StreamReader for easy access.
            StreamReader reader = new StreamReader(dataStream);
            // Read the content.
            string responseFromServer = reader.ReadToEnd();
            // Clean up the streams.
            reader.Close();
            dataStream.Close();
            response.Close();

TempData["Response"] = responseFromServer;

return View();
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    You could capture the cookies that were sent by the authentication action and simply append them to the response so that the actual user that performed the request gets this cookie in his browser:

    [HttpPost]
public ActionResult FormPost(LogOnModel model)
{
    using (var client = new WebClient())
    {
        var data = new NameValueCollection
        {
            { "username", "foo" },
            { "password", "bar" },
        };
        var result = client.UploadValues("http://localhost:1631/account/logon", data);
        var cookie = client.ResponseHeaders[HttpResponseHeader.SetCookie];
        Response.AddHeader("Set-Cookie", cookie);
    }
    return View();
}

    But using a common authentication service seems like a much better idea instead of doing screen scraping.

    • 0