Click here to Skip to main content
Click here to Skip to main content

Tagged as

Single Sign on (SSO) Using Cookie in asp.net

, 12 Oct 2010 CPOL
Rate this:
Please Sign up or sign in to vote.
Single Sign on (SSO) Using Cookie in asp.netThere are various ways to use Single Sign on(SSO) in asp.net web application. We can use cookies, session (state server), SAML and web services etc. Now we would like to give a brief overview of how to use cookie to implement Single Sign on(SSO) in...
There are various ways to use Single Sign on(SSO) in asp.net web application. We can use cookies, session (state server), SAML and web services etc. Now we would like to give a brief overview of how to use cookie to implement Single Sign on(SSO) in asp.net web application.
 
Assume that we have two web application hosted on different virtual directory but under same domain. As for example, our root domain is: http://www.cookietest.com and
Other two virtual directory hosted under this domain are
http://www.cookietest.com/cookiesite1/Login.aspx
http://www.cookietest.com/cookiesite2/Default.aspx
 
If we login successfully in cookiesite1 then it writes the login information in cookie and now opens another tab or a new window in same browser (IE, FF whatever you like). Place this address http://www.cookietest.com/cookiesite2/Default.aspx in address bar logged in automatically in cookiesite2. When we try to access in cookiesite2 –> Default.aspx it checks the login information from cookie. If desired value found in cookie then you logged in automatically. Remember you need to enable cookie in your browser for all of these activities.
 
Configuration:
1. Web.Config
Before coding we need to some configure in our web.config file. Though cookiesite1 and cookiesite2 are in different virtual directory their web.config file must contains the same machine validationKey, decryptionKey and validation.
 
Like this,
 
<machineKey validationKey="282487E295028E59B8F411ACB689CCD6F39DDD21E6055A3EE480424315994760ADF21B580D8587DB675FA02F79167413044E25309CCCDB647174D5B3D0DD9141"
decryptionKey="8B6697227CBCA902B1A0925D40FAA00B353F2DF4359D2099"
validation="SHA1" />
 

2.IIS
In IIS->Directory security tab add the "ASPNET Machine Account" user and set the full rights.
 
Coding:
Write cookie after login complete:
Place this code in cookiesite1->Login.aspx.cs
 
      If(login_Successful)
      {
      //Create a new cookie, passing the name into the constructor
      HttpCookie cookie = new HttpCookie(“strCookieName”);
 
      //Set the cookies value
      cookie.Value =”set_cookie_value”;
 
      //Set the cookie to expire in 5 minute
      DateTime dtNow = DateTime.Now;
      TimeSpan tsMinute = new TimeSpan(0, 0, 5, 0);
      cookie.Expires = dtNow + tsMinute;
 
      //Add the cookie
      Response.Cookies.Add(cookie);
 
      Response.Write("Cookie written. ");
      }
 
Check cookie is exist or not on page_load
Place this code in cookiesite2->Default.aspx.cs
 
      protected void Page_Load(object sender, EventArgs e)
      {
      //Grab the cookie
      HttpCookie cookie = Request.Cookies[“strCookieName”];
 
      //Check to make sure the cookie exists
      if (cookie != null)
      {
      ReadCookie();
      }
      Else
      {
      lblCookie.Text = "Cookie not found. ";
      }
 
      }
 

Read cookie when page load:
Add this method in cookiesite2->Default.aspx.cs
 
      <pre>protected void ReadCookie()
      {
      //Get the cookie name the user entered
 
      //Grab the cookie
      HttpCookie cookie = Request.Cookies[“strCookieName”];
 
      //Check to make sure the cookie exists
      if (cookie == null)
      {
      lblCookie.Text = "Cookie not found. ";
      }
      else
      {
      //Write the cookie value
      String strCookieValue = cookie.Value.ToString();
      lblCookie.Text = "The cookie contains: " + strCookieValue + "";
      }
      }</pre>
 

Test the application in <b>localhost</b>.

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Share

About the Author

Ahsan Murshed
Software Developer Jaxara IT Ltd.
Bangladesh Bangladesh
I am Microsoft MVP and working as Software Engineer in web technologies, with 6+ years of experience in the design, prototyping, development and deployment of various class of business solutions C#,asp.net, jquery, java and sql server or Oracle.
 
blog: http://aspboss.blogspot.com

Comments and Discussions

 
GeneralReason for my vote of 5 nice article PinmemberVijai Prakash Maurya6-Dec-11 0:47 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.

| Advertise | Privacy | Terms of Use | Mobile
Web01 | 2.8.141223.1 | Last Updated 12 Oct 2010
Article Copyright 2010 by Ahsan Murshed
Everything else Copyright © CodeProject, 1999-2014
Layout: fixed | fluid