I try to run 2 instance of two new ASP.NET MVC5 project with Identity 2.0 installed. Both application are created using the default MVC template and Set as individual authentication without any code modification.
I have run the first application within Visual Studio 2013 RC2 and have created a dummy user account using the web application register interface. After the above step, the Entity framework will create a dummy database with the dummy user login information. Then i login the first application and the login information was shown on header of the home page.
Next i run the second mvc application within the next instance of visual studio, when the web page is launched, i am surprised that i am already login to the second application which doesn't comes with any database. I do not know whats wrong. Under the _LoginPartial.cshtml the following code checks if the user is is authenticated and shows the Log off link. @if (Request.IsAuthenticated)
If the same test was run on different browser, problem wouldn't occurs. I guess something to do with cookies or browser cache. May i know how to avoid the above situation from happening? Or should it be normal?
First time you logged in with your first project, the cookie for domain localhost:1234 was set. Cookie contains the information about username and some other things. Second projects executes and your cookie is still set in the browser for the same domain: localhost. So your second application sees the cookie, reads data from it and accepts that the user is logged in.
No magic, only cookies.