Single sign-on across multiple ASP MVC 3 applications
I have a solution that has two applications. Is it possible for the user to only log in once?
For example, in my main application, I authenticate like this:
FormsAuthentication.SetAuthCookie(ContactFound.ContaLogin, model.RememberMe);
And I put this code in a file web.config
:
<authentication mode="Forms">
<forms
loginUrl="~/Account/LogIn"
defaultUrl="~/Account/LogOn"
timeout="15"
/>
</authentication>
What do we need to add so that when a user logs into the main app, we don't ask him to log in again when he connected to the second app?
+3
source to share
1 answer
Since you are going to host both applications at the same address, this should be easily possible by setting the <machineKey>
(web.config) parameter to the same value for both applications. After that, you should automatically log into one application after logging into another.
Further reading:
- Single Sign -On (SSO) for ASP.NET Cross-Domain Applications (see How Authentication Works on Multiple ASP.NET Sites Under the Same Domain)
- machineKey Element (ASP.NET Settings Schema)
- SSO with Form Authentication
+5
source to share