Single Sign-on(SSO ),A very old problem.
For details, see single sign-on for everyone.
Michael MorozovFor many scenariosSSOElaborated:
1. parent / sub-applications are between virtual subdirectories. SSO.
2. SSO ( username ing )
3. between second-level subdomain name applications under the same root SSO
4. different . net SSO
5. SSO between applications with different domain names .
6. SSO ( form verification /Windows Verification )
Although we have already described in detail the various situations,But I still encountered some problems..Spent a day,Share:
(I tested: Http: // localhost/test1/, http: // localhost/Test2/, http: // localhost/test3 /)
1.In all applicationsWeb. configSet the sameName,For example. Croauth
<Authentication mode = "forms">
<Forms name = ". croauth" Protection = "all" loginurl = "login. aspx"/>
</Authentication>
2.All applicationsWeb. configOfSystem. WebAdd under NodeMachinekey,The default value is automatically generated by each application.
<Machinekey validationkey = "f9d1a2d3e1d3e2f7b3d9f90ff3965abdac304902" decryptionkey = "decrypt" validation = "sha1"/>
3.Each application has its own logon page.,After verificationRedirectfromloginpageJump.
If (Fa. login (strlogcode, strpassword ))
Formsauthentication. redirectfromloginpage (strlogcode, false );
4.AlthoughSSO,They only shareCookie,Several applications will be created during the redirection.Seesion.
Each application only shares the login name information.,YesSessionInformation completion Mechanism.For exampleLogcodeObtain a department,Emails, etc..