ASP.NET - authentication against multiple domains

Question

My website can be access from many domain (a my own blog engine). So, how i can cross authentication?

I'm using: IIS7, C#, asp.net membership, form authentication.

Answer 1

If you are using Active Directory (assuming that is what you refer to as domains), you can simply configure multiple ActiveDirectoryMembershipProvider sections and use the asp:Login control templates, add a dropdown for the domains you want to authenticate against, and on the OnAuthenticate event of the Login control, set the selected AD membership provider.

For different providers like SQL Server membership provider, I'm not sure I understand what the issue is. Can you elaborate?

I'm going to take a guess here after having tried to read your question a couple of times again. If with 'multiple domains' you mean you have multiple websites (multiple fully qualified domain names), and you want to use the same SQL Server datastore to authenticate users against, and run the same website, the solution would be to point the appropriate DNS A record to the IP address of the original hosting server. Any decent domain registrar should allow you to change the DNS record.

However, Forms Auth creates a cookie, and you will not be able to read the cookie from a different domain than that you are on because of obvious security issues, so in that case you're stuck.

The only possibility I can see is that you're passing some encrypted identity in a querystring, but that is very, very dodgy, as you would want to make sure there's a minimal validity time limit on it as it opens up a right can of worms (security holes). Probably not recommended.

Crikey, that's a long way of saying "No, you can't - securely."

If are talking about sub domains and not about different top level domains, then you can actually do it, see this post.