0

I have a website with two different domain.

  1. us.site.com
  2. usa.site.com

Now when user Click on Login It first check its country. According to country I want to redirect whole site on that url and that time it not again asks for account id and password. so i want to maintain these things but it should not visible in Url.

Please Suggest me any way to do this. I don't want to use QueryString and Cookie

Dhruvin shah
  • 197
  • 1
  • 12
  • Basic idea as following. You can use cookies. On login, create a cookie for "site.com" having user information. When user redirects to for say login to usa.site.com, check the cookies in pageload. If you found the cookies read the cookies and convert it to session. Use session further to check loogged in user information. – John Sep 25 '15 at 06:13
  • Is there any otherway because cookies are not secure.. – Dhruvin shah Sep 25 '15 at 06:15

2 Answers2

1

Posting my comment as an answer. Basic idea as following. You can use cookies. On login, create a cookie for "site.com" having user information. When user redirects to for say login to usa.site.com, check the cookies in pageload. If you found the cookies read the cookies and convert it to session. Use session further to check loogged in user information.

Related question link, How can you keep a session across multiple subdomains in c# mvc?

How can I share a session across multiple subdomains in ASP.NET?

Write cookies from subdomain and read from another subdomain without changing web.config

To make cookie secure use encryption.

Reference : http://www.codeproject.com/Articles/13665/HttpSecureCookie-A-Way-to-Encrypt-Cookies-with-ASP

Encrypt cookies in ASP.NET

http://www.c-sharpcorner.com/UploadFile/manishkdwivedi/encrypting-and-decrypting-cookies-in-Asp-Net-2-0/

Community
  • 1
  • 1
John
  • 351
  • 4
  • 16
  • I read the disadvantage of cookie that cookie are domain specific...In this case I have two different domains so can I read cookie value from one domain to another? I have tested your solution on local host..I created two localhost web applications and created cookie using js ..In this case when I write window.location="http://localhost :548741//Login.aspx" and when I read cookie on that webapplication I can read it ..but Is this solution also helpful to actual domains? – Dhruvin shah Sep 29 '15 at 05:50
  • As in your question you are having two sub domains. `us.site.com` and `usa.site.com`. Now your domain name is `site.com`. If you are setting cookies for `site.com` then the cookies will be accessible from the sub domain `us.site.com` and `usa.site.com` – John Sep 29 '15 at 05:57
  • do you have some other technique? I don't want to use cookies and querystring – Dhruvin shah Oct 01 '15 at 12:01
0

Use MD5/SHA Encryption to store value in cookie and once you redirect to other page then use decryption Algo and use that cookie value.

It will solve your issue.. Check below link for reference - http://www.codeproject.com/Articles/38951/How-To-Hash-Data-Using-MD-and-SHA

http://www.codeproject.com/Articles/14150/Encrypt-and-Decrypt-Data-with-C http://www.codeproject.com/Articles/12602/Using-MD-Encryption-with-C-and-MSSQL

Or you can use alternative way to store value in database temp table

Shirish
  • 1,252
  • 11
  • 20