c# - How do you pass an authenticated session between app domains -

-

lets have websites www.xyz.com , www.abc.com.

lets user goes www.abc.com , authenticated through normal asp .net membership provider.

then, site, sent (redirection, linked, whatever works) site www.xyz.com, , intent of site www.abc.com pass user other site status of isauthenticated, site www.xyz.com not ask credentials of said user again.

what needed work? have constraints on though, user databases separate, not internal organization, in regards, passing stackoverflow.com google authenticated, separate in nature. link relevant article suffice.

try using formauthentication setting web.config authentication section so:

<authentication mode="forms">   <forms name=".aspxauth" requiressl="true"        protection="all"        enablecrossappredirects="true" /> </authentication>

generate machine key. example: easiest way generate machinekey – tips , tricks: asp.net, iis ...

when posting other application authentication ticket passed hidden field. while reading post first app, second app read encrypted ticket , authenticate user. here's example of page passes posts field:

.aspx:

<form id="form1" runat="server">   <div>     <p><asp:button id="btntransfer" runat="server" text="go" postbackurl="http://otherapp/" /></p>     <input id="hdnstreetcred" runat="server" type="hidden" />   </div> </form>

code-behind:

protected void page_load(object sender, eventargs e) {     formsidentity cidentity = page.user.identity formsidentity;     if (cidentity != null)     {         this.hdnstreetcred.id = formsauthentication.formscookiename;         this.hdnstreetcred.value = formsauthentication.encrypt(((formsidentity)user.identity).ticket);     } }

also see cross app form authentication section in chapter 5 of book wrox. recommends answers ones above in addition providing homebrew sso solution.


Comments

Post a Comment

Popular posts from this blog

c++ - How do I get a multi line tooltip in MFC -

-
right now, have tool tip pops when hover on edit box. problem tool tip contains multiple error messages , in 1 long line. need have each error message on own line. error messages contained in cstring new line seperating them. my existing code below. bool ontooltiptext(uint, nmhdr* pnmhdr, lresult* presult) { assert(pnmhdr->code == ttn_needtexta || pnmhdr->code == ttn_needtextw); // need handle both ansi , unicode versions of message tooltiptexta* pttta = (tooltiptexta*)pnmhdr; tooltiptextw* ptttw = (tooltiptextw*)pnmhdr; // tchar szfulltext[256]; cstring strtiptext=_t(""); uint nid = pnmhdr->idfrom; if (pnmhdr->code == ttn_needtexta && (pttta->uflags & ttf_idishwnd) || pnmhdr->code == ttn_needtextw && (ptttw->uflags & ttf_idishwnd)) { // idfrom hwnd of tool nid = ::getdlgctrlid((hwnd)nid); } //m_errprojaccel[ch] contains 1 or more error messages each...
Read more

asp.net - In javascript how to find the height and width -

-
i having .aspx , masterpage page. in masterpage loading aspx page . in aspx page design using generating table structure using code-behind server in javascript how find height , width . regards, kumar if you're looking table height , width, should it var tbl = document.getelementbyid('tbldemo'); alert(tbl.offsetwidth + '\n' + tbl.offsetheight);
Read more

c# - DataTable to EnumerableRowCollection -

-
i have datatable according client requirement can contain invalid date "00/00/1999",null,empty string.(typed datset) when collect them enumerables wish convert of invalid forms empty string. (i.e) enumerablerowcollection<datarow> query = order in _table.asenumerable() select new { orderdate= string.isnullorempty(convert.tostring(order.field<datetime>("orderdate")) || (how check date invalid date) ? string.empty : order.field<datetime>("orderdate") } how check whether date valid date or not? datetime.tryparse...like given current code: datetime date; enumerablerowcollection<datarow> query = order in _table.asenumerable() select new { orderdate= string.isnullorempty(convert.tostring(order.field<datetime>("orderdate")) || !datetime.tryparse(convert.tostring(order.field<datetime...
Read more