Application/Subweb access


wallinaspne
10-13-2003, 03:55 AM
I'm developing an application farm on www.wallinasp.net, but my centralized login (like single sign-on) using Forms authentication does not accurately redirect me to any sub application on my site.

Currently, as a test, I created 3 web applications.
www.wallinasp.net
www.wallinasp.net/Test1
www.wallinasp.net/Test2

I have a centralized login.aspx page in www.wallinasp.net
Test1 is using the authorization parameters for the login page and Test2 is using another authorization (Windows)

Below are the web.config files for the three applications.

www.wallinasp.net - web.config
<authentication mode="Forms">
<forms name="loginCookie" path="/" loginUrl="/login.aspx" />
</authentication>
<authorization>
<deny users="?" />
</authorization>

www.wallinasp.net/Test1 - web.config
[nothing = inherits from parent]

www.wallinasp.net/Test2 - web.config
<authentication mode="Windows" />
<authorization>
<allow users="*" />
</authorization>


Thank you,

Anders Wallin
Solution Architect, MCSD

wallinaspne
10-14-2003, 11:22 AM
I found the problem and the solution.

[:D]

First of all my assumptions were correct but I was missing a valuable piece of the puzzle.

I found on MSDN a section on machineKey where it explained that the default behavior is that each application is using different decryption/encryption keys, so when my sub application is trying to find the authorization cookie the enc/dec is different than the one creating the original cookie.

So to use the same cookie over an enterprise or web farm just set/create a machineKey with the same enc/dec key for all applications that should share the login authorization.

The authentication/machineKey/authorization section could be omitted from any sub applications that would use the same login authorization.

Example web.config
<authentication mode="Forms">
<forms name=".ASPXAUTH"
loginUrl="/login.aspx"
protection="All"
timeout="1440"
path="/" />
</authentication>

<machineKey
validationKey="C50B3C89CB21F4F1422FF158A5B42D0E8DB8CB5CDA1742572A487D9401E3400267682B202B746511891C1BAF47F8D25C07F6C39A104696DB51F17C529AD3CABE"
decryptionKey="8A9BE8FD67AF6979E7D20198CFEA50DD3D3799C77AF2B72F"
validation="3DES"
/>

<authorization>
<deny users="?" />
</authorization>



Anders Wallin
Solution Architect, MCSD

wallinaspne
10-14-2003, 11:24 AM
The information can be found on MSDN:

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cpguide/html/cpconformsauthenticationacrossapplications.asp

and

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cpgenref/html/gngrfmachinekeysection.asp

[:p]

Anders Wallin
Solution Architect, MCSD
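
An added example, not part of the original posts: a small checker that reads the web.config of a login application and of its sub applications and reports why a sub application could not accept the shared Forms cookie, following the fix described in the second post. The function names, the placeholder key values and the sample configs are constructed for illustration; the defaults table is an assumption about ASP.NET's built-in settings.

```python
import xml.etree.ElementTree as ET

FORMS_ATTRS = ("name", "protection", "path")
KEY_ATTRS = ("validationKey", "decryptionKey", "validation")
# Assumed ASP.NET defaults when no web.config in the hierarchy sets a value.
DEFAULTS = {"mode": "Windows", "name": ".ASPXAUTH", "protection": "All", "path": "/",
            "validationKey": "AutoGenerate", "decryptionKey": "AutoGenerate",
            "validation": "SHA1"}

def effective(xml_text, parent=DEFAULTS):
    """Settings an application ends up with; whatever it omits is inherited."""
    root, cfg = ET.fromstring(xml_text), dict(parent)
    auth = root.find(".//authentication")
    if auth is not None:
        cfg["mode"] = auth.get("mode", cfg["mode"])
        forms = auth.find("forms")
        if forms is not None:
            cfg.update({a: forms.get(a, cfg[a]) for a in FORMS_ATTRS})
    key = root.find(".//machineKey")
    if key is not None:
        cfg.update({a: key.get(a, cfg[a]) for a in KEY_ATTRS})
    return cfg

def sharing_problems(issuer, consumer):
    """Reasons why `consumer` cannot accept the forms ticket issued by `issuer`."""
    problems = []
    if consumer["mode"] != "Forms":
        problems.append("mode is %s, not Forms" % consumer["mode"])
    problems += ["%s differs" % a for a in FORMS_ATTRS + KEY_ATTRS
                 if issuer[a] != consumer[a]]
    # Auto-generated keys are treated as per-application, as the post describes.
    problems += ["%s is auto-generated" % a for a in KEY_ATTRS[:2]
                 if consumer[a].startswith("AutoGenerate")]
    return problems

# Constructed sample configs modelled on the thread; key values are placeholders.
WRAP = "<configuration><system.web>%s</system.web></configuration>"
FORMS = ('<authentication mode="Forms"><forms name="loginCookie" path="/" '
         'loginUrl="/login.aspx" /></authentication>')
ROOT_BEFORE = WRAP % FORMS
ROOT_AFTER = WRAP % (FORMS + '<machineKey validationKey="PLACEHOLDER_VALIDATION_KEY" '
                     'decryptionKey="PLACEHOLDER_DECRYPTION_KEY" validation="3DES" />')
TEST1 = WRAP % ""                                     # inherits everything
TEST2 = WRAP % '<authentication mode="Windows" />'    # opts out of Forms

if __name__ == "__main__":
    for label, root_xml in (("before", ROOT_BEFORE), ("after", ROOT_AFTER)):
        root = effective(root_xml)
        for name, child in (("Test1", TEST1), ("Test2", TEST2)):
            print(label, name, sharing_problems(root, effective(child, root)))
```

Generate fresh random keys for a real deployment rather than copying key values from a public page.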