Reputation: 615
Authentication for MVC application and WebAPI sub-application
I am designing a web application, and I have split the application into two web projects, an MVC project and a WebAPI project. The MVC project is deployed to a virtual host bound to http://mysite.com/app. The WebAPI project is deployed as sub-application of the MVC application and is bound to http://mysite.com/app/Data. The reason for this split is so that the WebAPI site could be packaged as an independent assembly for the data tier, while the MVC site serves as the presentation tier.
Authentication and authorization are working as expected in the top-level MVC application, but not in the WebAPI sub-application. I would have expected the sub-application to share the same HttpContext as its parent. Am I mistaken about this?
Is there a way to couple the parent and sub applications together so that they use the same authorization context as each other?
Upvotes: 1
Views: 904
Answers (1)
Reputation: 3908
I don't think HttpContext can be shared between two applications.
Since two applications are under same domain, it's possible to share cookie authentication between them. Here is a MSDN link about sharing cookie for two applications.
I don't feel it's necessary to use two applications here. You can put all web api related code in another assembly and make MVC app to reference to it.
Upvotes: 3
Related Questions
- web api authentication in MVC application?
- Authentication In MVC & WebAPI Website
- mvc forms authentication separated from webapi authentication
- Authentication in webAPI
- MVC to WebAPI authentication for the same application
- MVC 4.0 WebApi Application and Mixed Authentication
- .NET WebApi Authentication
- WebApi and Controller Authentication
- Authentication between mvc and webapi (Separate domains/Applications)
- Authentication for ASP.Net MVC 4 and WebApi