I have two extranet sites, one that the client uses to sign-in and set the CS cookie key/value pair then redirects to the second domain (different server and domain) to the CS server/site.
Does the cookieAuthentication Module read cookies from different domains? I haven't be able to get the module to function properly at all, I've made changes to the web.config and communityserver.config file for the cookie authentication, no luck at this point.
Any thoughts or help is greatly appreciated!
#### web.config #####
<authentication mode="None"> <!--<forms name=".CommunityServer" protection="All" timeout="60000" loginUrl="login.aspx" slidingExpiration="true" />--> </authentication>
#### communityserver.config ####
<add name="CustomAuthentication" extensionType="Security" type="Telligent.CommunityServer.Security.CookieAuthentication, Telligent.CommunityServer.SecurityModules" allowAutoUserRegistration="true" authenticatedUserCookieName="CSUser" usernameKey="username" emailAddressKey="emailAddress" useEncryptedCookie="false" cookieValueStringFormat="Base64" cookieValueEncryptionFormat="ValuesOnly" />
Cheers
The browser won't send cookies from one root domain along with a request for a page on another root domain for security reasons. Hope this helps,
Xander
That probably explains the issue, thanks for your help. Looks like I'll be finding a work around.
Is there an existing cookiAuthentication tool to test the module setup of CS?
There is a CookieAuthTest.aspx page that ships with the modules package that can be used for testing. Because it uses Community Server configuration settings, it needs to be placed into the Community Server application directory. Hope this helps,
Not sure what's going on, but I did a search on the server for that file and it's not found. I also don't have an application directory... am I going crazy??
I even did a search on the .zip file of CS and didn't see the cookieauthtest.aspx file --> can I get it from another source download or individual file?
>Not sure what's going on, but I did a search on the server for that file and it's not found. It should be in the SecurityModules zip file. You can re-download that zip from the Community Server downloads section if needed.
>I also don't have an application directory...I wasn't particularly clear...I just meant the root directory that you're running Community Server in. So, if your site is running at C:\Inetpub\wwwroot, and you have Community Server set up in C:\inetpub\wwwroot\CS, the C:\Inetpub\wwwroot\CS directory is the one that you would want to put the CookieAuthTest.aspx page in.
Hope that helps,
The initial release of the Security Modules for 2007 was missing the CookieAuthTest.aspx and FormsAuthTest.aspx. We'd updated the zip to include it shortly after the CS 2007 release. We'd also applied a fix to the Security Modules that caused issues when viewing people's profile pages, so the latest module is version 3.0.20424. If you have an earlier one, I'd recommend downloading the latest version.
Hey guys,
This thread got me off my ass and I finally wrote Cookies 101, something that I've been wanting to do for quite a while. I think I covered all of the important aspects, but if I missed something I can very easily create a Cookies 102.
Take it easy,Bill
WGB EnterprisesopenSourceC.org
Maybe this site can help you
http://programmingschools.blogspot.com/2007/05/create-cookies-cross-domain.html
To set CS cookies key/value pair are you using CS APIs ? or anything else ?
I was able to finally get this working between the .NET and CFM. It was an issue with the DES encryption and finally just did the handoff of the auto login through an encrypted URL string.
Thanks to everyone for your help!
Copyright© 2008 Telligent Systems Inc. All rights reserved CommunityServer.com • Telligent.com