Hello,
I have an application having a form based authentication on a single server environment. We login on an external application which gives us link to access our current application. When we click on the link our existing application opens an authentication is done using the "Ticket" key provided in the request
Following is the configuration:
with following configuration in the config file.
<authentication mode="Forms">
<forms name=".ABCD" loginUrl="Pages/LoginPage.aspx" timeout="1440" path="/" />
</authentication>
<authorization> <deny users="?" /> </authorization>
<machineKey validationKey="adsfasdfasdfasdf" decryptionKey="asdfadsfsdfaf" validation="SHA1" />
We are doing the user authentication code on the page load of the loginPage.aspx: the algo is as follows:
if (!User.Identity.IsAuthenticated)
{
string tic = Request.QueryString.Get("ticket");
\\Validate the ticket data. If validated then redirect to the default page else show error.
}
Now as per the need there is a change in the authentication mechanism as the authentication will be done on a RPG server and through which then this application's default page will open. For this, we have made loginPage.apx as a restricted page and placed it on the RPG server.
When the External application connect to the application, the redirection is done to the LoginPage.aspx (form authentication) . For authentication, we uses an specific value from Httpheader and after the successful authentication the redirection is done to the default page located on the different server then RPG server.
As per my understanding, Following the redirection, the browser requests the LoginPage.aspx page again. This request includes the forms authentication cookie.
Now issue is, when authentication happens again, User.Identity.IsAuthenticated is not true (which should not be the case as it is already done), and then the existing code try to again fetch value from HTTP_Header which doesn't have the needed information as we have moved from RPG server.
I think it's some configuration which I am missing, however I am not able to find any answer.
Thanks for your help.