forms authentication and simulating

[Guest]

I have one application that is used within our intranet that places a forms auth cookie for our domain (for intranet purposes only). All other applications rely on this cookie for authentication and user identification. i.e. on the 2nd applications if the cookie does not exist the user is redirected back to the primary app to get the forms authentication cookie
Now, if i want to run locally the 2nd application it is looking for a authentication cookie from the 1st one (on my localhost). So, currently the only way that i can run the 2nd app is to run the first app (the one that places the cookie) on my localhost. After the first app has ran i can now run the second application (as it can find a cookie on my local pc)

I use page.user.identity.name throughout the application to identify the end user. In hindsite this may not have been good idea due to my current problem

I have the forms authentication cookie set for a domain level. Why does the 2nd application not accept the cookie that was placed by the production environment forms authentication application? Any suggestions would be greatly appreciated.

 

[Steven Cheng[MSFT]]

Hi Dy,

From your description, you'd like to implement the FormsAuthentication
cross multi asp.net web application on separate machines in the local
intranet, yes?

Based on my understanding, the key point of the FormsAuthentication
acrossing multi web application is to shared the Authentication
cookie(token) across multi application. To resolve this , we have to make
some certain attributes under the <forms> element must be identical across
all the applications participating the webfarm authentication, they're
name, protection, path, validationKey, decryptionKey, and validation.
Here is the certain reference in MSDN:

#Forms Authentication Across Applications
http://msdn.microsoft.com/library/en-us/cpguide/html/cpconformsauthenticatio
nacrossapplications.asp?frame=true

Please have a check to see whether all the settings are identical in your
two web applications. If you have any new findings, please feel free to
post here. Thanks.

Regards,

Steven Cheng
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)

Get Preview at ASP.NET whidbey
http://msdn.microsoft.com/asp.net/whidbey/default.aspx

 

[Guest]

Thank you very much. Late last night I figured this out.

A significant source of my problem was that when testing on my localhost it was not working. Apparently when accessing the 2nd application on my local pc i must use http://{nodename}.{domain}.com to access the application not http://localhos
Please confirm that this is correct. Is there another work around

Is there a work around so that when debugging it will access the local pages via the http://nodename ... format instead of http://localhost ? i.e. if i right click a page and tell it to use this page for startup it will go into debug mode via http://locahost/requestedpage.aspx instead of http://nodename.domain.com/requestedpage.asp

thanks for your quick response.

 

[Steven Cheng[MSFT]]

Hi Dy,

Thanks for the followup. I think you're correct, since the
FormsAuthentication's Authenticaiton Token is stored in client cookie by
default and the cookie is identify by the site's Domain name and path, so
if we don't use the correct domain name to visit the web application, the
cookie will fail to be shared.
Also, as for the debug problem, I'm afraid the "http://locahost" is the
fixed setting and it is only for single web application scenario. As for
your situation, you have multi-application need to use the same domain
name, I think you can manually visit the web application in IE browser and
use the Debug->processes to attach the aspnet_wp workerprocess to debug.
How do you think of this?

Regards,

Steven Cheng
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)

Get Preview at ASP.NET whidbey
http://msdn.microsoft.com/asp.net/whidbey/default.aspx

 

[mike]

" I think you can manually visit the web application in IE browser and
use the Debug->processes to attach the aspnet_wp workerprocess to
debug.
How do you think of this? "

This seems like it is a work around but will make debugging very
painful as for each time you run you need to click 4 buttons to enter
debug mode. Are there any other alternatives? We are using this
forms auth. ticket for all our intranet apps so this could be quite
annoying.

Any ideas?
thx
dave

 

[Steven Cheng[MSFT]]

Hi Dave,

After some further research, I think we can use F5 to debug the web project
via a specified url rather than the localhost. In fact, in VS.NET we can
set the web project's debug mode. Open the project's property Pages
select "Configuration Properties" -> "Debugging" and under the
"StartAction" node, we can set the
"Debug Mode" property, by default it is project and the application's url
will be fixed with Http://locahost/app

However, we can change the mode to "Url" ,and then set the "StartUrl"
property as the page url we want to start with.
After that, when we push F5 to start debuging , the vs.net will launch the
IE window with the certain url setting above.

#Since we use this means to debug a local web application with a alias name
url, if we specify a remote application's url, we have to make sure the
current user account(should be a Domain Account in the local intranet) is
in the remote server's DebugUsers group

Here are some further reference will mention the security setting or
VS.NET remote debugging settings steps:

#Introduction to Web Application Debugging
http://msdn.microsoft.com/library/en-us/vbcon/html/vbconIntroductionToWebApp
licationDebugging.asp?frame=true

#HOW TO: Set Up and Use Remote Debugging in Microsoft Visual Studio .NET
http://support.microsoft.com/?id=318041

Hope also helps. Thanks.


Regards,

Steven Cheng
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)

Get Preview at ASP.NET whidbey
http://msdn.microsoft.com/asp.net/whidbey/default.aspx

 

[John Saunders]

Thank you very much. Late last night I figured this out.

A significant source of my problem was that when testing on my localhost

it was not working. Apparently when accessing the 2nd application on my
local pc i must use http://{nodename}.{domain}.com to access the application
not http://localhost

Please confirm that this is correct. Is there another work around?

Dave, you should be able to access both applications using http://localhost.
Simply use "" as your cookie domain.

 

[Steven Cheng[MSFT]]

Hi Dave,

Have you had a chance to check out the suggestions in my last reply or have
you got any further ideas on this issue? If you have anything unclear or if
there're anything else we can help, please feel free to post here. Thanks.

Regards,

Steven Cheng
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)

Get Preview at ASP.NET whidbey
http://msdn.microsoft.com/asp.net/whidbey/default.aspx