Click here to Skip to main content
15,115,261 members
Please Sign up or sign in to vote.
0.00/5 (No votes)
See more:
Let my site be After users logged in and then try visiting they have to login again. Somehow url is regarded different with and without www.

How can I read/write the same cookie for the urls with and without www?

To solve this I set domain of my cookie as ""

In Internet Explorer, when I log-in to, I also logged in to However it doesn't work on Chrome.

What I had done:

* Set domain of cookie as (It was created successfully)

* Gave a name to Cookie other than AUTHASPX.

I wrote the following code:

<br />
FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(<br />
          2,                                     <br />
          username,                      <br />
          DateTime.Now,                         <br />
          rememberMe ? DateTime.Now.AddYears(1) : DateTime.Now.AddHours(1),           <br />
          rememberMe,                               <br />
          loginKey,                              <br />
          FormsAuthentication.FormsCookiePath); <br />
<br />
    // Encrypt the ticket using the machine key<br />
    string encryptedTicket = FormsAuthentication.Encrypt(authTicket);<br />
<br />
    // Add the cookie to the request to save it<br />
    HttpCookie authCookie = new HttpCookie("CookieName", encryptedTicket);<br />
    authCookie.HttpOnly = true;<br />
    authCookie.Expires = rememberMe ? authTicket.Expiration : DateTime.Now.AddHours(1);<br />
    authCookie.Domain = "";<br />
<br />
    response.Cookies.Add(authCookie);<br />
<br />

Authentication is done via the following code:

<br />
HttpCookie authCookie = Context.Request.Cookies.Get("CookieName");<br />
        if (authCookie == null || string.IsNullOrEmpty(authCookie.Value))<br />
        {<br />
            LogoutAndRedirectToLogin();<br />
            return;<br />
        }<br />
<br />
        FormsAuthenticationTicket authTicket = FormsAuthentication.Decrypt(authCookie.Value);<br />
        if (authTicket == null)<br />
        {<br />
            LogoutAndRedirectToLogin();<br />
            return;<br />
        }<br />
<br />
        string loginKey = authTicket.UserData;</pre><br />

What I have tried:

Set domain of cookie as (It was created successfully)

Gave a name to Cookie other than AUTHASPX.
Updated 11-Jan-17 2:02am

1 solution

Look at this link, you'll find others if you google "aspx forms authentication subdomain"

c# - Forms Authentication across Sub-Domains - Stack Overflow[^]

The trick is to change the "domain" of the auth cookie so that it matches anything that ends in your domain so that "" and also "" both work.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

  Print Answers RSS
Top Experts
Last 24hrsThis month

CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900