Skip to main content

How To Access Cookie Across Sub Domain In ASP.NET(C#).

Now a days Single Sign-On is a common need of organizations. Organizations want to use the same login details across their all application. Most of the times, internal applications are hosted on the same domain using Sub-Domains.

If we observe the application level, all applications are different for every sub-domain. So, for that, we need to persist the Session or User Identity while accessing the applications.

Here are some steps to achieve this in ASP.NET. Below are some of the configuration settings which you need to do in Web.config.
<authentication mode="Forms">
   <forms loginUrl="~/" name=".ASPXFORMSAUTH" timeout="20" domain=".xxxxxxxx.xxx" path="/" protection="All" enableCrossAppRedirects="true" /> 
</authentication>
Here, you need to specify the parent domain with (.) so that it will get access of all sub domains of the parent domain.

Add the above line to all applications which will get hosted on the sub-domain.

Also, add the same Machine Key in all web.config.
<machineKey validationKey="XXXXXXXXXXXXXXXXXXXXXXXXXXX" decryptionKey="XXXXXXXXXXXXXXX" validation="SHA1" decryption="AES" />
After authentication, create a cookie with all necessary user details as below.
var json = JsonConvert.SerializeObject(data);
var ticket = new FormsAuthenticationTicket(1, DateTime.Now,DateTime.Now.AddHours(2), true, json); 
var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, FormsAuthentication.Encrypt(ticket)); 
cookie.Domain = "XXXXXXXXXX";//This should be parent Domain not Sub Domain. even if there is setting in your Web.Config you need to specify this 
Response.Cookies.Add(cookie);
Here, your cookie is created. Now, it's time to access the created cookie.

In Global.asax, Application_AuthenticateRequest method you can access cookie and set the session. The cookie gets accessed with the below line.
var cookie = context.Request.Cookies[FormsAuthentication.FormsCookieName]; 
After getting the cookie, you can set the user data so that we can use it in the application.
if (cookie == null)
{
   HttpContext.Current.User = cookie.data;
} 
Labels:
Location: Delhi, India

Comments

Post a Comment

Popular posts from this blog

Generating serial numbers and keys in Asp.net(C#).

here we are using GUID for generate serial numbers and GUID is always unique. Example format: XXXX-XXXX-XXXX-XXXX-XXXX-XXXX-XXXX. Guid SerialKeyGuid = Guid.NewGuid(); string AccessKey = SerialKeyGuid.ToString("N"); string AccessKeyLength = AccessKey.Substring(0, 28).ToUpper(); char[] serialArray = AccessKeyLength.ToCharArray(); string SerialNumber = ""; int P = 0; for (int B = 0; B < 28; B++) {                 for (P = B; P < 4 + B; P++)                 {                     SerialNumber += serialArray[P];                 }                 if (P == 28)                 {                     break;                 }         ...
Post a Comment
Read more

How to write Unit Tests in .net

Unit tests are automated tests that verify the behavior code like methods and functions. Writing unit tests is crucial to clean coding, as they help ensure your code works as intended and catches bugs early in the development process. I can share some tips for writing effective unit tests: Write tests for all public methods Every public method in your code should have a corresponding unit test. This helps ensure that your code behaves correctly and catches any unexpected behavior early. public class Calculator { public int Add(int a, int b) { return a + b; } } [TestClass] public class CalculatorTests { [TestMethod] public void Add_ShouldReturnCorrectSum() { // Arrange Calculator calculator = new Calculator(); int a = 1; int b = 2; // Act int result = calculator.Add(a, b); // Assert Assert.AreEqual(3, result); } } Test boundary conditions  Make sure to test boundary conditions, such a...
Post a Comment
Read more