Hi there,
I have a parent web application and a child web application. I am using single sign on between them. The child application is supposed to redirect anonymous users to the login page of the parent application We just updated both to .net 4.0 framework and now the SSO doesn't work anymore.
The setup is as follows. I have the machineKey tag all set up with validation key and decryption key in both applications.
then, for authentication tag i have the following in the child app (I have replaced the actual parent app's url with "parentApp" for privacy):
<authentication mode="Forms">
<forms name=".SSOAuth" loginUrl="parentApp/Login.aspx" path="/" protection="All"/>
</authentication>
<sessionState mode="InProc" cookieless="false" timeout="30"/>
<authorization>
<!--<deny users="?"/>
<allow users="*"/>-->
</authorization>
this used to work perfectly fine before we switched to .net 4.0. can anybody please shed some light on why this doesn't work anymore? It doesn't redirect, and neither does it authenticate on the child site even if i manually go to the parent app login page and log in.
Edit: we never set anything up in the machine.config. the machineKey tag is supposed to be setup in web.config file.