AI OnAI Off

Could we change the CMS admin login user cookie(.ASPXAUTH) name?

nils.hjalmarson
nils.hjalmarson
Vote:
 

The scenario like following

We have a web site which is www.testweb.us, also we have login.testweb.us for user login.
We used www.testweb.us/cms/to/ui/cms to login CMS admin.

The problem is when we login www.testweb.us, the login user cookie(.ASPXAUTH) domian is .testweb.us
In same time and same browser we login www.testweb.us/cms/to/ui/cms, it will have same name cookie(.ASPXAUTH) and domian is www.testweb.us

Because .testweb.us is root domian, two cookies with same name will cause authentication confusion (1. Website .ASPXAUTH domain:.testweb.us 2.CMS admin .ASPXAUTH domain:www.testweb.us ), one of them will not work when login to both, the first cookie will be used for both.

#121962
May 22, 2015 4:45
David Knipe
David Knipe
Vote:
 

You can change the name of the cookie in the forms authentication section of web.config, see: http://stackoverflow.com/questions/6661943/can-i-change-the-formsauthentication-cookie-name

You can also explicitly set the domain the cookie, see: https://msdn.microsoft.com/en-us/library/system.web.security.formsauthentication.cookiedomain%28v=vs.110%29.aspx

David

#122118
May 26, 2015 22:00
nils.hjalmarson
nils.hjalmarson
Vote:
 

@David Knipe 

Thanks for your feedback. But My scenario is not only change the cookie name. I use another way to sloved this.

#122455
Edited, Jun 03, 2015 4:50
This topic was created over six months ago and has been resolved. If you have a similar question, please create a new topic and refer to this one.
* You are NOT allowed to include any hyperlinks in the post because your account hasn't associated to your company. User profile should be updated.