We are running EPiServer CMS 5 R2 with an Enterprise license and an additional license. The solution has two sites, here named www.mysite1.com and www.mysite2.com. In web.config they have their values of param uiUrl set to "~/backend". Logging in to EPiServer backend, we've noticed that you have to login to each site respectively in order to edit the pages. I.e. if you go www.mysite2.com/backend you must login to www.mysite1.com if you wish to edit the pages under that site. This is regular Enterprise functionality.

But is there any way to allowing a single sign-on to EPiServer backend? So you login once and can edit pages belonging to any on the two sites without logging in again?

The background is that we wish to access EPiServer backend for both sites using a certain URL, www.mysite2.com/backend. (The reason is that a reverse proxy due to authentication issues disallows us to use www.mysite1.com/backend as a backend URL for www.mysite1.com. The reverse proxy only allows anonymous HTTP for www.mysite1.com and pages under that - therefore backend access can't be allowed.)

We tried to use absolute URLs for uiUrl on both sites like this: <sites> <site ...> <siteSettings ... uiUrl="https://www.mysite2.com/backend" .../>
But this does not work. If you go https://www.mysite2.com/backend, login and try to edit pages belonging to www.mysite1.com, you are redirected from EpiServer backend (i.e. leaving backend, the page tree and the edit mode) to the frontend version of the page.

We are using WindowsMembershipProvider:

<add name="WindowsMembershipProvider" type="EPiServer.Security.WindowsMembershipProvider, EPiServer" deletePrefix="BUILTIN\" searchByEmail="true" />

And WindowsRoleProvider:

<add name="WindowsRoleProvider" applicationName="EPiServerSample" type="EPiServer.Security.WindowsRoleProvider, EPiServer" />

Thanks in advance for any help or clarifications.