Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

ASP.NET Identity Cookie across subdomains

For forms authentication I used this in web.config (note the domain attribute):

<authentication mode="Forms">   <forms loginUrl="~/Account/Login" timeout="2880" name=".ASPXAUTH" protection="Validation" path="/" domain=".myserver.dev" /> </authentication> 

How is a single sign-on across subdomains configured for the new ASP.NET Identity Framework in Mvc 5?

More Info:

I am creating a multitenant application. Each client will be on a subdomain:

client1.myapp.com

client2.myapp.com

I want a user to be able to sign on to client1.myapp.com and then go to client2.myapp.com and still be signed in. This was easy with forms authentication. I'm trying to figure out how to do it with the new Identity Framework.

EDIT

Here is the code that eventually worked for me:

app.UseCookieAuthentication(new CookieAuthenticationOptions {   AuthenticationType = "Application",   LoginPath = "/Account/Login",   CookieDomain = ".myapp.com" }); 
like image 867
orourkedd Avatar asked Oct 03 '13 18:10

orourkedd


1 Answers

In Startup.Auth.cs, you will see something like:

for RC:

app.UseSignInCookies(); 

This was removed in RTM and replaced with the explicit configuration of the cookie auth:

    app.UseCookieAuthentication(new CookieAuthenticationOptions {         AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,         LoginPath = new PathString("/Account/Login")     }); 

The CookieAuthenticationOptions class has a CookieDomain property which is what you are looking for I believe.

like image 129
Hao Kung Avatar answered Sep 22 '22 03:09

Hao Kung