Sharing Authentication between Two Web Apps (session variable error) RRS feed

  • Question

  • User-219608141 posted

    I am using the bellow code but I got session variable error in second application. How to resolve this issue.

    in web.config

    <machineKey validationKey="1A62ED26251518DE620E7118A9943341AEDEA36E35C7E374553F2F93A0F43F1BE61FE4717246AF15C549737" decryptionKey="B68191FE6ACF945B33BB0D101DD892120B531C1B803FB0300D96F822ED7F19E2" validation="SHA1" decryption="AES" compatibilityMode="Framework20SP1" />

    in login page (after )

    FormsAuthentication.RedirectFromLoginPage(username, false);
    var oCookie = FormsAuthentication.GetAuthCookie(username, false);
    var ticket = FormsAuthentication.Decrypt(oCookie.Value);
    FormsAuthenticationTicket oTicket = new FormsAuthenticationTicket(ticket.Version, username, DateTime.Now, DateTime.Now.AddMinutes(60), true, "");
    string cookieStr = FormsAuthentication.Encrypt(oTicket);
    oCookie.Value = cookieStr;

    Response.Redirect("http://localhost:4841/"); is second application URL, it runs but got error on session variable which I have defined to record the user information.

    Monday, November 18, 2019 11:05 AM

All replies

  • User475983607 posted

    Have you tried setting a break point and debugging your code?  This line...

    FormsAuthentication.RedirectFromLoginPage(username, false)

    redirects to the secured resource the user tried to access before logging in.

    The lines that follow try to read the auth cookie but if you have not redirected yet then the auth cookie will not exist in the request stream.

    Lastly, there is no Session variable shown in the code.

    Monday, November 18, 2019 2:29 PM
  • User-219608141 posted

    Thanks mgebhard. Code is executing fully which stated in my quesion, all session IDs are stored before executing the following line. 

    FormsAuthentication.RedirectFromLoginPage(username, false)

    Although, I have same session IDs in App1 and App2 but when it goes to App2, the session IDs is not available because session IDs are stored on Login.aspx page which is actually not run.

    How share the session between two apps while sharing the authentication?

    Tuesday, November 19, 2019 4:12 AM
  • User-1780421697 posted

    Change the session provider to SQL Server or Redis , for example in case of SQL Server you can share session between two application by making some updates in SP and connection string


    Tuesday, November 19, 2019 5:14 AM
  • User-219608141 posted

    I changed my strategy as of now. I just give a button to switch to another app, that will take the user into login on another app.

    It is working fine but here is a little problem, if useing coming from myfirstapp\department.aspx to mysecondapp\department.aspx and if department.aspx is not found in second app then it gives error resource could not be found.

    I used to check the url is exist before going to that page as follows but it is not working at all.

    public bool urlExists(string url)
                HttpWebRequest req = (HttpWebRequest)WebRequest.Create(url);
                req.AllowAutoRedirect = false;
                HttpWebResponse res = (HttpWebResponse)req.GetResponse();
                if (res.StatusCode == HttpStatusCode.OK || res.StatusCode == HttpStatusCode.Found)
                    return true;
                    return false;

    Any idea for this plz.

    Monday, November 25, 2019 5:28 AM