We’ve been investigating this issue for a week now. We have two applications deployed

Question

0

Asked: May 17, 20262026-05-17T20:22:45+00:00 2026-05-17T20:22:45+00:00

We’ve been investigating this issue for a week now. We have two applications deployed

0

We’ve been investigating this issue for a week now.
We have two applications deployed in two servers.
domain.com.cz/app1
sub.domain.com.cz/app2

They do have the same validationKey, decryptionKey, and validation properties in machineKey section.

They also have the same domain in forms authentication, also enableCrossAppRedirects=”true” and cookieless=”UseCookies”.

They have been sharing authentication for years already, but now its not working.
As told by sys ads, there were no server config happened prior to the problem.

What other check items should we scan?
Thank you.

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-17T20:22:46+00:00

Editorial Team

2026-05-17T20:22:46+00:00Added an answer on May 17, 2026 at 8:22 pm

The first thing to check is whether the cookie is sent to the second subdomain. You could use FireBug for this.

If the cookie is sent there could be various reasons for authentication not working:

Different versions of the .NET framework (IIRC in .NET 4.0 they changed encryption algorithms)
Differences in security patches installed? There are some KB patches for .NET that modify the encryption algorithms.

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

We’ve been investigating this issue for a week now. We have two applications deployed

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply