Loading ...

Logging off from child site is deleting form authentication cookie of parent site | CodeAsp.Net

Logging off from child site is deleting form authentication cookie of parent site

 /5
0 (0votes)

While working with two asp.net application one parent and second one its child I noticed that logging off from child site was deleting the form authentication cookie of parent site. This was because of the reason that I was not explicitily setting the path and domains for the form authentication cookies. Below are the settings which fixed my issue:

Parent site:

 <authentication mode="Forms">
      <forms loginUrl="login.aspx" domain="mysite.com" />
    </authentication>


Child Site:

    <authentication mode="Forms">
      <forms loginUrl="login.aspx" domain="mysite.com" path="/childsite"/>
    </authentication>

You need to focus on one thing more when you are creating FormAuthentication cookie manually. Don't forget the domain and path to include while creating cookie:

var ticket = new FormsAuthenticationTicket(1, "username", DateTime.Now,
                                            DateTime.Now.AddMonths(1),
                                            true, "password");
string ticketString = FormsAuthentication.Encrypt(ticket);
var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, ticketString);
cookie.Expires = DateTime.Now.AddMonths(1);
cookie.Path = FormsAuthentication.FormsCookiePath;
if (!string.IsNullOrEmpty(FormsAuthentication.CookieDomain))
{
    cookie.Domain = FormsAuthentication.CookieDomain;
}

HttpContext.Current.Response.Cookies.Add(cookie);





Comments (no comments yet)

Top Posts