Cross application authentication IIS to sub application

Question

The issue I am having is I get a second login request when directed to the page in FileUploadWAP application. If the login code and config are deployed to the root default site the shared authentication works. I suspect that the path to the cookie is the problem or the machineKey.

Web site in IIS DefaultWebSite Other Application1 Other Application2 StaffLocal (is an application) FileUploadWAP (is an application under StaffLocal )

Web Config file in StaffLocal  
<authentication mode="Forms">
        <forms loginUrl="login.aspx" 
         name="StaffWeb"
         timeout="610" 
         path="/" 
         slidingExpiration="true"
         enableCrossAppRedirects="true" 
         protection="All">
        </forms>        
</authentication>

Web Config file in StaffLocal/FileUploadWAP  
<authentication mode="Forms">
    <forms loginUrl="../Login.aspx" (If the .. are removed get error can’t find Login.aspx.)
    name="StaffWeb"
    timeout="610" 
    path="../"     (have tried / and ../ and other variants)
    slidingExpiration="true" 
    enableCrossAppRedirects="true"
    protection="All">
    </forms>
</authentication>

Same in both configs
<machineKey 
    decryption="DES" 
    decryptionKey="966CF55FB064D15A13789E90CF5B91E640436E07AB6C71A3" 
    validation="SHA1"

validationKey="E329E5ECDD7EE4B3BDF27A563F91A38888FA95E5259914DBADD86F9ED681A41732E609F8338" />

Web site in IIS DefaultWebSite Other Application1 Other Application2 StaffLocal (is an application) FileUploadWAP (is an application under StaffLocal ) — John, Jan 03 '19 at 19:21

score 0 · Answer 1 · answered Jan 03 '19 at 20:19

0

Answering my own question. I changed the configs to use AES and authentication started working.

answered Jan 03 '19 at 20:19

John

49
1
5

Cross application authentication IIS to sub application

1 Answers1

Linked