3

I have a solution that has two applications. Is it possible to make the user sign in only once?

For example, in the main application I do authentication like this:

FormsAuthentication.SetAuthCookie(ContactFound.ContaLogin, model.RememberMe);

And I put this code in the web.config file:

<authentication mode="Forms">
  <forms 
    loginUrl="~/Account/LogIn" 
    defaultUrl="~/Account/LogOn" 
    timeout="15"
  />      
</authentication>

What should I add, so that, when the user is logged in, in the main application we don't ask him to log in again when he connect to the second application?

Peter Mortensen
  • 30,738
  • 21
  • 105
  • 131
kbaccouche
  • 4,575
  • 11
  • 43
  • 65
  • Are both applications going to be hosted on the same server/domain? – hangy Apr 09 '12 at 12:50
  • Yes, they will be hosted in the same server, but is there a difference ? – kbaccouche Apr 09 '12 at 12:51
  • 1
    Yup - cross domain would be much more difficult, because cookies cannot be used from a different domain. Your case should be fairly straight on, because you do not have that problem. (see http://stackoverflow.com/a/10073566/11963) – hangy Apr 09 '12 at 13:01

1 Answers1

5

Since you are going to host both applications at the same address, it should be easily possible by setting the <machineKey> (web.config) to the same value for both applications. After that, you should automatically be logged in to one application after logging in to the other.

Further reading:

Community
  • 1
  • 1
hangy
  • 10,765
  • 6
  • 43
  • 63