ASP.Net Cross Application Cookie Sharing

Several companies running ASP.Net experience this problem. They have several web applications and need common authentication. Out of the box ASP.Net makes the user login in to each different application. I know of several organizations where this was a frustration to hundreds if not thousands of user.

Luckily the fix is trivial. Open up machine.config (beg, grovel, kiss the feet of your sys-admin if necessary) and make this change:

Original machine.config entry:

<machineKey validationKey=”AutoGenerate,IsolateApps” decryptionKey=”AutoGenerate” validation=”SHA1″/>

To enable sharing of cookie authentication:

<machineKey validationKey=”AutoGenerate” decryptionKey=”AutoGenerate” validation=”SHA1″/>

>>Totally trivial change that took under five minutes of searching documentation but I bet many organizations are struggling with separate logins even today. All the more reason to hire a Microsoft Certified .Net consultant [shameless plug!].

This entry was posted in Development (General). Bookmark the permalink.