ASP.NET MVC - cross sub domain authentication/membership

Question

Hit a roadblock while implementing a sub domain based language switcher (en.domain.com loads English, jp.domain.com loads Japanese).

How do I get a single member

Answer 1

Try creating the cookie yourself.

In AccountController you'll find this:

FormsAuthentication.SetAuthCookie(userName, createPersistentCookie);

that "creates and adds to the cookie collection". It doesn't allow modification of the domain (but does allow modification of the path, oddly). Instead create a cookie without adding to the collection, modify the necessary properties, then add to the collection:

var a = FormsAuthentication.GetAuthCookie(userName, createPersistentCookie);
//if you're debugging right here, a.Domain should be en.example.com; change it
a.Domain = "example.com";
HttpContext.Current.Response.Cookies.Add(a);

James

Answer 2

Your problem is how browsers sends cookie during request.

Cookie is generally tied to a single domain, this is for security reasons and performance. For example, user don't want to send cookie for your domain to any other domain, because your cookie may contain sensitive information.

Browser do differentiate between cookies set with en.domain.com and jp.domain.com. They do not allow cookies from one domain goes to the other because they are not on a parent domain.

The solution to your problem would be to take over the control of generating cookies. I haven't played much with ASP.NET MVC, but I'm sure it can be done not through the HTML but through a property or something. This is a very common scenario. You should set the cookies domain to "domain.com" for your production boxes, that is correct. If you're working on a local box, you should set the cookies domain to "".

Answer 3

You have to use dot prefix, like this.

<authentication mode="Forms">
    <forms domain=".tv.loc" loginUrl="~/signin" timeout="2880" name="auth" />
</authentication>