3

I'm using Windows Authentication on two separate websites, on the same server, with the same domain postfix. Both are using https with two certificates. The problem is that when external users visit both sites, they are prompted for credentials twice even though the credentials will be exactly the same.

I've tried disabling Anonymous Authentication on both sites. External users will not be using machine connected to the domain, so I can't add the sites to any sort of intranet zone.

Is there anything I can change to allow each site to accept the authentication cookie from a related site??

Kye
  • 5,919
  • 10
  • 49
  • 84
  • 1
    is the complete origin identical on each site? ie http://my.comp.org/site1 http://my.comp.org/site2 or are they different like http://site1.my.comp.org http://site2.my.comp.org? – Mark Mar 19 '15 at 16:52
  • 1
    Sounds like you need to implement Single Sign On between the sites so that they trust the issuer of the auth token if it is the other site. http://en.wikipedia.org/wiki/Single_sign-on – Veselin Vasilev Mar 23 '15 at 03:44
  • Yep. Could you provide some guidance on how to set up SSO with IIS? – Kye Mar 23 '15 at 03:55

2 Answers2

1

What helped my was to ensure that NTLM is the preferred provider for windows authentication (see IIS Manager -> site -> Authentication -> Providers).

enter image description here

The default setting is Negotiate first which didn't work for us.

In addition both sites need to be in the same internet zone.

Stephen Reindl
  • 5,659
  • 2
  • 34
  • 38
1

In your case, you can try How can I share a session across multiple subdomains in ASP.NET? and Sharing ASP.NET Web Application's Session State and How to share session state across subdomains

But I think "Token Based Authentication" is better for you. You can try JWT(JSON Web Token), it is cross domain, but you have to write some code. JWT

You can also try AOuth2, which is too heavy for this case. Also, you have to write some code. OAuth2

Community
  • 1
  • 1
neohope
  • 1,822
  • 15
  • 29