My project needs to support different set of domains, and uses FormsAutheticationTicket to create Forms Auth cookie upon user login, which works. But it has problem renewing Forms Auth cookie due to the way FormsAuthenticationModule renews its Forms Auth
cookie. For example, if the domain of Forms Auth cookie is different from the current domain, additional forms auth cookie with the same name is created, resulting in renewal issue.
Thus, I need a way to provide different Forms Authentication domain value dynamically, so that FormsAuthenticationModule can use it to reuse forms session cookie. Thus, the domain in the forms element below cannot be hardcoded.
<authentication mode="Forms"><forms /> </authentication>
Question: Is it possible to provide domain value dynamically, via `System.Configuration.ConfigurationSection`, or hooks so I can provide different domain value, so FormsAuthenticationModule can renews its Forms Auth cookie?
https://msdn.microsoft.com/en-us/library/2tw134k3%28v=vs.110%29.aspx
I have been looking into the .NET source code on FormsAuthenticationModule and FormsAuthentication. .NET reads domain from Forms element's Domain attribute in web.config, but I cannot see if there is hook that allows me to provide dynamic value
Line 92: reads config from web.config, I want to know if hook exists for user to provide dynamic config value
92 AuthenticationSection settings = RuntimeConfig.GetAppConfig().Authentication; 110 _CookieDomain = settings.Forms.Domain; //FormsAuthenticationModule uses _CookieDomain to renew cookie
http://referencesource.microsoft.com/#System.Web/Security/FormsAuthentication.cs