Several companies running ASP.Net experience this problem. They have several web applications and need common authentication. Out of the box ASP.Net makes the user login in to each different application. I know of several organizations where this was a frustration to hundreds if not thousands of user.

Luckily the fix is trivial. Open up machine.config (beg, grovel, kiss the feet of your sys-admin if necessary) and make this change:

Original machine.config entry:

<machineKey validationKey=”AutoGenerate,IsolateApps” decryptionKey=”AutoGenerate” validation=”SHA1″/>

To enable sharing of cookie authentication:

<machineKey validationKey=”AutoGenerate” decryptionKey=”AutoGenerate” validation=”SHA1″/>

>>Totally trivial change that took under five minutes of searching documentation but I bet many organizations are struggling with separate logins even today. All the more reason to hire a Microsoft Certified .Net consultant [shameless plug!].