Sharing authentication between two web applications

Question

I have a base web site (Asp.net WebForms application) running under ie.

http://localhost:90/

Then I created a new (this ti

Answer 1

I found it myself.

This is the article on MSDN that talks exactly about this scenario. I decided to keep this question anyway for anyone that would be chasing the same information some time later.

MSDN: Forms Authentication Across Applications

In brief

You have to configure machine keys in web.config of both applications so they match hence they'll be able to decode data that the other party generated. And that's the whole trick. MSDN article explains this in great detail including how to generate those keys.

Answer 2

If in case anyone is still not able to share the keys use compatibilityMode="Framework20SP1"

<machineKey validationKey="same key all over" 
            decryptionKey="same key all over" 
            validation="SHA1" decryption="AES"
            compatibilityMode="Framework20SP1"/>