I implemented single sign on by reading this article:
http://www.codeproject.com/KB/web-security/aspnetsinglesignon.aspx
However, I have a question from the extensibility point of view. Will the method shown above work if I host the 1st application on 1 machine and the 2nd application on a different machine? I don’t have 2 different servers at the moment, otherwise I would have verified it myself. Does anybody have any experience?
Thanks.
Yes, it will work as long as your encryption and validation keys defined in the machine.config on both servers are exactly the same. If you forget this it won’t work since a cookie encrypted on one server won’t be decrypted on the other server(s).
The article suggests putting these keys on Web.config. That’s a valid approach, but if you need SSO on multiple websites, it’s probably best to define it in machine.config, provided you have control over this and all your apps in the same server are meant to share this functionality.
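A pre-deployment check for the key-matching requirement described in the answer above, added here as an illustration and not taken from the thread or the linked article: it compares the `<machineKey>` element of two config files by fingerprint, so the keys themselves never appear in output. The function names and the sample key values are constructed for this example.

```python
import hashlib
import xml.etree.ElementTree as ET

KEY_ATTRS = ("validationKey", "decryptionKey")
ALG_ATTRS = ("validation", "decryption")

def sample_config(validation_key, decryption_key):
    """Build a constructed config document; the key values are placeholders only."""
    return f"""<configuration><system.web>
  <machineKey validationKey="{validation_key}" decryptionKey="{decryption_key}"
              validation="HMACSHA256" decryption="AES" />
</system.web></configuration>"""

def machine_key(config_xml):
    """Return the <machineKey> attributes of a config document, or None if absent."""
    node = next(ET.fromstring(config_xml).iter("machineKey"), None)
    return dict(node.attrib) if node is not None else None

def fingerprint(value):
    """Short SHA-256 fingerprint, so keys can be compared without being printed."""
    return hashlib.sha256(value.strip().upper().encode()).hexdigest()[:12]

def compare(config_a, config_b):
    """List the reasons a cookie issued by one server would be rejected by the other."""
    a, b = machine_key(config_a), machine_key(config_b)
    if a is None or b is None:
        return ["machineKey missing: that server falls back to auto-generated keys"]
    problems = []
    for attr in KEY_ATTRS:
        va, vb = a.get(attr, "AutoGenerate"), b.get(attr, "AutoGenerate")
        if "AutoGenerate" in va or "AutoGenerate" in vb:
            problems.append(f"{attr}: auto-generated, so it differs per machine")
        elif fingerprint(va) != fingerprint(vb):
            problems.append(f"{attr}: mismatch ({fingerprint(va)} vs {fingerprint(vb)})")
    for attr in ALG_ATTRS:
        if a.get(attr, "").upper() != b.get(attr, "").upper():
            problems.append(f"{attr}: algorithm mismatch")
    return problems

# Constructed sample data: never reuse these values as real keys.
VKEY = "0123456789ABCDEF" * 8
DKEY = "FEDCBA9876543210" * 4
SERVER_A = sample_config(VKEY, DKEY)
SERVER_B = sample_config(VKEY.lower(), DKEY)   # same keys, different hex case
SERVER_C = sample_config("AutoGenerate,IsolateApps", "00112233445566778899AABBCCDDEEFF" * 2)

if __name__ == "__main__":
    print("A vs B:", compare(SERVER_A, SERVER_B) or "keys match")
    for problem in compare(SERVER_A, SERVER_C):
        print("A vs C:", problem)
```

An empty result means both servers can validate and decrypt each other's authentication cookies; any entry in the list points at the attribute to align.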