"Geoff" <Geoff.Pennington.ctr@NOSPAMwhs.mil> wrote in message
news:O7Hns4RbFHA.2076@TK2MSFTNGP15.phx.gbl...
> We have two applications hosted on the same web server. The authentication
> section of the web.config file is the same in each; it is
> <authentication mode="Forms">
>  <forms name=".MyCookie" loginUrl="Login.aspx" protection="All"
> timeout="180" path="/"/>
> </authentication>
>
> There is a link between the two applications, and anyone who has access to
> both, and is signed on to one of them, should not have to sign on again
> when clicking the link to the second. But in fact you do need to sign on
> again. Also, if you go back to the first app you have to sign on there
> again even though the original signon has not expired.
>
> My first thought was that they must not actually be sharing a cookie, even
> though the name in each case is ".MyCookie". I did a search for
> ".MyCookie" on my computer (while I was signed on to the app) and couldn't
> find it. I deleted all cookies, and found that I was still signed on.
>
> So I have two questions: (1) How do I arrange so that if you log onto one
> application, your authentication credentials will be passed on to the
> second? (2) Is .Net using something other than a cookie to maintain my
> login state? Or, if it is using cookies, why can't I find it?
>
> Much obliged.
>

"Yunus Emre ALPÖZEN [MCSD.NET]" <ye***@msakademik.net> wrote in message
news:%23L9DQUSbFHA.1312@TK2MSFTNGP09.phx.gbl...
> Take a look at this <machinekey> element in machine.config
>
> <machineKey validationKey="AutoGenerate,IsolateApps"
> decryptionKey="AutoGenerate,IsolateApps" validation="SHA1"/>
>
> ...means isolates apps which is default as given above. U must change it
> something like following;
>
>
> <machineKey validationKey="AutoGenerate" decryptionKey="AutoGenerate"
> validation="SHA1"/>
>
>
> Thanks,
> Yunus Emre ALPÖZEN
> BSc, MCSD.NET
>
> "Geoff" <Geoff.Pennington.ctr@NOSPAMwhs.mil> wrote in message
> news:O7Hns4RbFHA.2076@TK2MSFTNGP15.phx.gbl...
>> We have two applications hosted on the same web server. The
>> authentication section of the web.config file is the same in each; it is
>> <authentication mode="Forms">
>>  <forms name=".MyCookie" loginUrl="Login.aspx" protection="All"
>> timeout="180" path="/"/>
>> </authentication>
>>
>> There is a link between the two applications, and anyone who has access
>> to both, and is signed on to one of them, should not have to sign on
>> again when clicking the link to the second. But in fact you do need to
>> sign on again. Also, if you go back to the first app you have to sign on
>> there again even though the original signon has not expired.
>>
>> My first thought was that they must not actually be sharing a cookie,
>> even though the name in each case is ".MyCookie". I did a search for
>> ".MyCookie" on my computer (while I was signed on to the app) and
>> couldn't find it. I deleted all cookies, and found that I was still
>> signed on.
>>
>> So I have two questions: (1) How do I arrange so that if you log onto one
>> application, your authentication credentials will be passed on to the
>> second? (2) Is .Net using something other than a cookie to maintain my
>> login state? Or, if it is using cookies, why can't I find it?
>>
>> Much obliged.
>>
>
>

"Yunus Emre ALPÖZEN [MCSD.NET]" <ye***@msakademik.net> wrote in message
news:%23L9DQUSbFHA.1312@TK2MSFTNGP09.phx.gbl...
> Take a look at this <machinekey> element in machine.config
>
> <machineKey validationKey="AutoGenerate,IsolateApps"
> decryptionKey="AutoGenerate,IsolateApps" validation="SHA1"/>
>
> ...means isolates apps which is default as given above. U must change it
> something like following;
>
>
> <machineKey validationKey="AutoGenerate" decryptionKey="AutoGenerate"
> validation="SHA1"/>
>
>
> Thanks,
> Yunus Emre ALPÖZEN
> BSc, MCSD.NET
>
> "Geoff" <Geoff.Pennington.ctr@NOSPAMwhs.mil> wrote in message
> news:O7Hns4RbFHA.2076@TK2MSFTNGP15.phx.gbl...
>> We have two applications hosted on the same web server. The
>> authentication section of the web.config file is the same in each; it is
>> <authentication mode="Forms">
>>  <forms name=".MyCookie" loginUrl="Login.aspx" protection="All"
>> timeout="180" path="/"/>
>> </authentication>
>>
>> There is a link between the two applications, and anyone who has access
>> to both, and is signed on to one of them, should not have to sign on
>> again when clicking the link to the second. But in fact you do need to
>> sign on again. Also, if you go back to the first app you have to sign on
>> there again even though the original signon has not expired.
>>
>> My first thought was that they must not actually be sharing a cookie,
>> even though the name in each case is ".MyCookie". I did a search for
>> ".MyCookie" on my computer (while I was signed on to the app) and
>> couldn't find it. I deleted all cookies, and found that I was still
>> signed on.
>>
>> So I have two questions: (1) How do I arrange so that if you log onto one
>> application, your authentication credentials will be passed on to the
>> second? (2) Is .Net using something other than a cookie to maintain my
>> login state? Or, if it is using cookies, why can't I find it?
>>
>> Much obliged.
>>
>
>

"Geoff" <Geoff.Pennington.ctr@NOSPAMwhs.mil> wrote in message
news:O6j5xidbFHA.2420@TK2MSFTNGP12.phx.gbl...
> The machine.config was exactly as you said, and we made the change you
> suggested. Unfortunately it made no difference. Any other ideas?
>
> "Yunus Emre ALPÖZEN [MCSD.NET]" <ye***@msakademik.net> wrote in message
> news:%23L9DQUSbFHA.1312@TK2MSFTNGP09.phx.gbl...
>> Take a look at this <machinekey> element in machine.config
>>
>> <machineKey validationKey="AutoGenerate,IsolateApps"
>> decryptionKey="AutoGenerate,IsolateApps" validation="SHA1"/>
>>
>> ...means isolates apps which is default as given above. U must change it
>> something like following;
>>
>>
>> <machineKey validationKey="AutoGenerate" decryptionKey="AutoGenerate"
>> validation="SHA1"/>
>>
>>
>> Thanks,
>> Yunus Emre ALPÖZEN
>> BSc, MCSD.NET
>>
>> "Geoff" <Geoff.Pennington.ctr@NOSPAMwhs.mil> wrote in message
>> news:O7Hns4RbFHA.2076@TK2MSFTNGP15.phx.gbl...
>>> We have two applications hosted on the same web server. The
>>> authentication section of the web.config file is the same in each; it is
>>> <authentication mode="Forms">
>>>  <forms name=".MyCookie" loginUrl="Login.aspx" protection="All"
>>> timeout="180" path="/"/>
>>> </authentication>
>>>
>>> There is a link between the two applications, and anyone who has access
>>> to both, and is signed on to one of them, should not have to sign on
>>> again when clicking the link to the second. But in fact you do need to
>>> sign on again. Also, if you go back to the first app you have to sign on
>>> there again even though the original signon has not expired.
>>>
>>> My first thought was that they must not actually be sharing a cookie,
>>> even though the name in each case is ".MyCookie". I did a search for
>>> ".MyCookie" on my computer (while I was signed on to the app) and
>>> couldn't find it. I deleted all cookies, and found that I was still
>>> signed on.
>>>
>>> So I have two questions: (1) How do I arrange so that if you log onto
>>> one application, your authentication credentials will be passed on to
>>> the second? (2) Is .Net using something other than a cookie to maintain
>>> my login state? Or, if it is using cookies, why can't I find it?
>>>
>>> Much obliged.
>>>
>>
>>
>
>

"Yunus Emre ALPÖZEN [MCSD.NET]" <ye***@msakademik.net> wrote in message
news:OlZ%23xWfbFHA.2128@TK2MSFTNGP15.phx.gbl...
> Ok Take a look at this link:
>
> http://www.wwwcoder.com/main/parentid/258/site/4922/68/default.aspx
>
> --
>
> Thanks,
> Yunus Emre ALPÖZEN
> BSc, MCSD.NET
>
> "Geoff" <Geoff.Pennington.ctr@NOSPAMwhs.mil> wrote in message
> news:O6j5xidbFHA.2420@TK2MSFTNGP12.phx.gbl...
>> The machine.config was exactly as you said, and we made the change you
>> suggested. Unfortunately it made no difference. Any other ideas?
>>
>> "Yunus Emre ALPÖZEN [MCSD.NET]" <ye***@msakademik.net> wrote in message
>> news:%23L9DQUSbFHA.1312@TK2MSFTNGP09.phx.gbl...
>>> Take a look at this <machinekey> element in machine.config
>>>
>>> <machineKey validationKey="AutoGenerate,IsolateApps"
>>> decryptionKey="AutoGenerate,IsolateApps" validation="SHA1"/>
>>>
>>> ...means isolates apps which is default as given above. U must change it
>>> something like following;
>>>
>>>
>>> <machineKey validationKey="AutoGenerate" decryptionKey="AutoGenerate"
>>> validation="SHA1"/>
>>>
>>>
>>> Thanks,
>>> Yunus Emre ALPÖZEN
>>> BSc, MCSD.NET
>>>
>>> "Geoff" <Geoff.Pennington.ctr@NOSPAMwhs.mil> wrote in message
>>> news:O7Hns4RbFHA.2076@TK2MSFTNGP15.phx.gbl...
>>>> We have two applications hosted on the same web server. The
>>>> authentication section of the web.config file is the same in each; it
>>>> is
>>>> <authentication mode="Forms">
>>>>  <forms name=".MyCookie" loginUrl="Login.aspx" protection="All"
>>>> timeout="180" path="/"/>
>>>> </authentication>
>>>>
>>>> There is a link between the two applications, and anyone who has access
>>>> to both, and is signed on to one of them, should not have to sign on
>>>> again when clicking the link to the second. But in fact you do need to
>>>> sign on again. Also, if you go back to the first app you have to sign
>>>> on there again even though the original signon has not expired.
>>>>
>>>> My first thought was that they must not actually be sharing a cookie,
>>>> even though the name in each case is ".MyCookie". I did a search for
>>>> ".MyCookie" on my computer (while I was signed on to the app) and
>>>> couldn't find it. I deleted all cookies, and found that I was still
>>>> signed on.
>>>>
>>>> So I have two questions: (1) How do I arrange so that if you log onto
>>>> one application, your authentication credentials will be passed on to
>>>> the second? (2) Is .Net using something other than a cookie to maintain
>>>> my login state? Or, if it is using cookies, why can't I find it?
>>>>
>>>> Much obliged.
>>>>
>>>
>>>
>>
>>
>
>