1

I have an asp net mvc application which is on multiple tp level domains:
www.myapp.com
www.myapp.fr
www.myapp.es

I don't find a way to authenticate to all the domains via FormsAuthentication, when I do it for one domain, the cookie is not ok for the other domains

as seen in other questions, it will work for subdomains:
www.myapp.com
fr.myapp.com
es.myapp.com

but not for ccTLD. Is there any clean solution for this ?

tahir
  • 1,016
  • 1
  • 11
  • 21

1 Answers1

0

The clean solution for this would be to build a passive STS (using WIF) and use this to authenticate all your users.

Klaus Byskov Pedersen
  • 117,245
  • 29
  • 183
  • 222
  • don't you have a less cleaner solution but which is still based on formauthentication :$ ? I don't wan't to change all the process, I also use fb authentication, so I don't want to break everything – tahir Feb 12 '12 at 14:09
  • @tahir A passive STS can easily be built on top of forms authentication. As a matter of fact there are samples in the WIF sdk that do this and are ready to run out of the box. But hey, all the apps use the same database right? Just write a custom membershipprovider that sets/checks a `IsLoggedIn` field in the database before doing the same as the `SqlMembershipProvider`, the implementation of which you can see in Reflector. – Klaus Byskov Pedersen Feb 12 '12 at 14:19
  • yes same database, actually same app as well, all ccTLDs are bounded to the same app, the only thing that change is current thread culture, based on url domain. I'll try it, your link contains the samples ? – tahir Feb 12 '12 at 14:25
  • @tahir, come to think about it, you still need some way of identifying the user, so I don't think that my custom MembershipProvider was very well thought through to be honest. – Klaus Byskov Pedersen Feb 12 '12 at 14:26
  • @tahir, just google WIF sdk. It's the most safe and sound way to implement it. – Klaus Byskov Pedersen Feb 12 '12 at 14:27