I´m doing SSO App with user management in MVC 5, but I can't share the cookie between apps for example
http ://SSO
http ://app
different sites in IIS, I think this is something like cross domain, so in the app2 when I have something like this in the startup.auth
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
CookieName = "sharedcookie",
CookieDomain = "SSO",
CookieHttpOnly = false,
//CookieDomain = "localhost",
AuthenticationType = DefaultAuthenticationTypes.ExternalCookie,
LoginPath = new PathString("/Account/Login"),
Provider = new CookieAuthenticationProvider
{
external login to your account.
OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<ApplicationUserManager, ApplicationUser>(
validateInterval: TimeSpan.FromMinutes(30),
regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager))
}
});
UPDATE: thanks to Chris Pratt for the answer that there is no way to do this which leads me to another question that is can I share a cookie between
name1.domain.com/app1 and
name2.domain.com/app2
With OWIN?
Found this article on code project today when I was wondering the same thing, not 100% sure but definitely seems possible to me.
Part 1 - The design: http://www.codeproject.com/Articles/106439/Single-Sign-On-SSO-for-cross-domain-ASP-NET-applic
Part 2 - The implementation: http://www.codeproject.com/Articles/114484/Single-Sign-On-SSO-for-cross-domain-ASP-NET-appl
Granted this is not actually sharing a cookie between domains but using a SSO user management web service (which seems fine to me!)
NB: I know link only answers are discouraged but these articles are huge, anyone who wants to tell me how to do this properly is welcome :)