Reputation: 5789
For different IIS Applications that are under the same IIS Web Site, how to configure separate Forms Authentication?
I have an Asp.Net MVC application using Forms Authentication that is published to the same IIS Web Site under different Application Names:
Default Web Site/Dashboard
Default Web Site/Partner
Using Chrome, if I go to the Dashboard instance and log in, everything seems to work fine. If I open a separate browser window and navigate to the Partner instance, I am prompted to log in as expected. Upon logging into Partner instance, everything seems to work fine as well. The problem arises when I go back to my previous browser window and try to access an authenticated resource on the Dashboard instance, where I get redirected to the Login page as if I had somehow been logged out. If I log in again on the Dashboard instance, thing work fine again. But if I go to the Partner instance, I discover that I get logged out there. It seems that the act of logging into the other application instance somehow logs me out of the previous one. I did some goggling and it appears the problem is caused by my forms authentication cookie settings. Here is what I was using:
<authentication mode="Forms">
<forms loginUrl="~/Account/LogOn"
timeout="1576800"/>
</authentication>
I did not specify a cookie path explicitly, so I figured the cookie path might be shared by the application instances so it was getting overwritten. So I tried to specify a cookie path explicitly. So when I publish Dashboard, I used this:
<authentication mode="Forms">
<forms loginUrl="~/Account/LogOn"
timeout="1576800"
cookieless="UseCookies"
path="/Dashboard" />
</authentication>
And for Partner, I used this:
<authentication mode="Forms">
<forms loginUrl="~/Account/LogOn"
timeout="1576800"
cookieless="UseCookies"
path="/Partner" />
</authentication>
However this did not work at all. With these settings I can not even log in and out properly. My goal is to have the Dashboard and Partner instances be totally independent for forms authentication, so logging into one does not influence the other. Is this possible without putting them in different IIS Web Site names?
Upvotes: 3
Views: 1146
Answers (1)
Reputation: 11586
In the web.config for each application, set unique name for the cookie name in your authentication tags
<authentication name="DashBoard" mode="Forms">
<forms loginUrl="~/Account/LogOn" />
</authentication>
Upvotes: 3
Related Questions
- ASP.NET MVC - Same authentication between two applications
- How to do Forms Authentication Across Applications in asp.net mvc
- Sharing authentication between two web applications
- Forms Authentication Shared Across Websites
- Authentication for separate applications on the same domain
- Setting up Forms Authentication for multiple Web Apps in MVC 5 based on OWIN
- ASP.NET Forms Authentication between Applications with different form credentials
- Form authentication across multiple applications
- Multiple ASP.NET web applications with common Login(authentication)
- Configure ASP.NET application to use two authentication methods?