Forums » Community Server Add-Ons Archive (read only) » Cookies Authentication » Cookies Issue [urgent] :)

Cookies Issue [urgent] :)

rated by 0 users
This post has 3 Replies | 2 Followers

SouljaGoD
Not Ranked
Posts 8
Points 130
Reply |Contact
By: SouljaGoD
Posted: Fri, Jan 25 2008 11:10 AM

 I have a website which uses single sign-on for community server which is setup as a virtual directory:  www.something.com/cs/forums/ .

I am experiencing a very odd problem on the production server, but not on the dev server. A user will log on to my website, click the cs forums link, and they will be logged in to the CS website thanks to single sign-on. When they click on a link inside CS that redirects them to my website, they are logged in as the first username in the user table in the database. If they go back to the forums, they are logged in as the correct user. If I clear the cookies, this problem does not occur. If I test on dev server, this problem does not occur.  Any ideas?

 

Thanks Smile 

 
  • Post Points: 20 |
Ken Robertson
Top 10 Contributor
Posts 5,184
Points 47,485
CS Developers
Reply |Contact
By: Ken Robertson
Posted: Fri, Jan 25 2008 7:10 PM In reply to

Which of the SSO modules are you using? Forms or Cookies?

Have you tried examining the cookies in the browser, using something like the developer toolkit in Firefox? It is really nice in that you can look at all the cookies the browser has for the site.

 
  • Post Points: 20 |
SouljaGoD
Not Ranked
Posts 8
Points 130
Reply |Contact
By: SouljaGoD
Posted: Fri, Jan 25 2008 7:34 PM In reply to

SSO is forms authentication. It is really weird:

 When I sign in to my site, and then go to the forums, I am signed in. [perfect]

 When I then go to my site FROM CS forums, my site's SESSION is null. What causes that?

 If I then re-sign in from my site, and then go to CS forums, and then back to my site, it works. It will always work until I close the browser and re-open it. The first log-in on mysite-goto cs forums-back to my site   trip breaks. Only the first time..

I was testing and I found that, we know there is a session for mysite, and a seperate session for CS, once I log in my site, I have sessionID = valueA.

When I  go to the CS forums, and back to my site, the sessionID is valueB. Kicks me out of mysite and I have to resign in. Something changed it. When I re-login in my site, the sessionID is now valueB, and then I can go cs forums and back to mysite and both sessionID are valueB [cs+mysite].

Something happens to the cookie.. All I am doing in CS is click a link that redirects me to mysite, what changes the cookie value?

To make things more odd, this only happens on the production server, and works flawlessly on the dev and staging server. I know one change that had to be doneon the production was to use the explicit domain for the cookie auth.

 Anyways, this is one of those rare things that I don't think I'll be able to solve because I don't have much control of the code. Any suggestions?

 
  • Post Points: 20 |
daveburke
Top 10 Contributor
Posts 3,257
Points 71,920
MVPs
Reply |Contact
By: daveburke
Posted: Sat, Jan 26 2008 4:51 PM In reply to

Is the forums folder configured as an application folder, perhaps?

Did anyone enable session state in IIS or the site web.config?

Regards,
Dave

 

 
  • Post Points: 5 |
Page 1 of 1 (4 items) | RSS
Powered by Community Server (Commercial Edition), by Telligent Systems

Copyright© 2008 Telligent Systems Inc. All rights reserved
CommunityServer.com  •  Telligent.com