Assume that we have two web application hosted on different virtual directory but under same domain. As for example, our root domain is: http://www.cookietest.com and
Other two virtual directory hosted under this domain are
http://www.cookietest.com/cookiesite1/Login.aspx
http://www.cookietest.com/cookiesite2/Default.aspx
If we login successfully in cookiesite1 then it writes the login information in cookie and now opens another tab or a new window in same browser (IE, FF whatever you like). Place this address http://www.cookietest.com/cookiesite2/Default.aspx in address bar logged in automatically in cookiesite2. When we try to access in cookiesite2 –> Default.aspx it checks the login information from cookie. If desired value found in cookie then you logged in automatically. Remember you need to enable cookie in your browser for all of these activities.
Configuration:
1. Web.Config
Before coding we need to some configure in our web.config file. Though cookiesite1 and cookiesite2 are in different virtual directory their web.config file must contains the same machine validationKey, decryptionKey and validation.
Like this,
<machineKey validationKey="282487E295028E59B8F411ACB689CCD6F39DDD21E6055A3EE480424315994760ADF21B580D8587DB675FA02F79167413044E25309CCCDB647174D5B3D0DD9141"
decryptionKey="8B6697227CBCA902B1A0925D40FAA00B353F2DF4359D2099"
validation="SHA1" />
2. IIS
In IIS->Directory security tab add the "ASPNET Machine Account" user and set the full rights.
Coding:
Write cookie after login complete:
Place this code in cookiesite1->Login.aspx.cs
If(login_Successful)Check cookie is exist or not on page_load
{
//Create a new cookie, passing the name into the constructor
HttpCookie cookie = new HttpCookie(“strCookieName”);
//Set the cookies value
cookie.Value =”set_cookie_value”;
//Set the cookie to expire in 5 minute
DateTime dtNow = DateTime.Now;
TimeSpan tsMinute = new TimeSpan(0, 0, 5, 0);
cookie.Expires = dtNow + tsMinute;
//Add the cookie
Response.Cookies.Add(cookie);
Response.Write("Cookie written. ");
}
Place this code in cookiesite2->Default.aspx.cs
protected void Page_Load(object sender, EventArgs e)
{
//Grab the cookie
HttpCookie cookie = Request.Cookies[“strCookieName”];
//Check to make sure the cookie exists
if (cookie != null)
{
ReadCookie();
}
Else
{
lblCookie.Text = "Cookie not found. ";
}
}
Read cookie when page load:
Add this method in cookiesite2->Default.aspx.cs
protected void ReadCookie()
{
//Get the cookie name the user entered
//Grab the cookie
HttpCookie cookie = Request.Cookies[“strCookieName”];
//Check to make sure the cookie exists
if (cookie == null)
{
lblCookie.Text = "Cookie not found. ";
}
else
{
//Write the cookie value
String strCookieValue = cookie.Value.ToString();
lblCookie.Text = "The cookie contains: " + strCookieValue + "";
}
}
Test the application in localhost.And for more information:
http://msdn.microsoft.com/en-us/library/aa289495%28VS.71%29.aspx#vbtchaspnetcookies101anchor10
http://www.aspnettutorials.com/tutorials/network/cookies-csharp.aspx
http://www.developer-corner.com/Resources/KnowledgeBase/tabid/118/articleType/ArticleView/articleId/23/PageID/10/Single-Sign-On-across-multiple-ASPNET-applications.aspx
6 comments:
Good idea, practical example in best way. i think helpful to programmers
easy practical example for a programmer, i think helpful
thanks for your reply.
Hi,
Can you please explain the logout scenario as well? Because when I tried to implement the logout by expiring the cookie, I was successfully logged out of the main app, but not from the sub apps.
Thanks
For "single sign on" when you login in one application then it is allowed to another application in logged in status. Same for logout process when logout it would be logged out from whole application.
hi, new to the site, thanks.
Post a Comment