Automatically logged in on one site when logged in from another site

Have you ever encountered with a situation where you develop two separate websites in asp.net, using Forms authentication and once you logged in from a one website, your second website (Which runs completely separate from the first website) automatically logged in???

Well, that usually happens if you use the same name for the forms tag in web.config file

<authentication mode="Forms">
   <forms name="test" />

The name “test” is the cookie name used for the authentication. If it’s same for both websites, it’s likely sharing the same authentication cookie hence your second website automatically logged in the user when (s)he use the same browser.

What you have to do to get rid of this is, simply specify different names for the forms tag for each website.


Anonymous said...

Thanks a lot, you saved my time.

pham thuan said...

Thanks you very much