forms-authentication

We have an MVC app which has a custom forms authentication view/controller. The controller will verify things and then do a FormsAuthentication.RedirectFromLoginPage call. At this point in the Global.asax we'll receive a Application_OnAuthenticateRequest call from where we'll get their Context.User information and make another call to gather information relevant to this account which we then store in their Context.User & System.Threading.Thread.CurrentPrincipal. We also do a little caching of this information since in our system retrieving what we need is expensive which leads to cache

I have a website using Forms Authentication on domain1.com. I've been asked how a login page can be developed on domain2.com which logs the user into domain1.com and redirects them to the domain1.com homepage (domain2.com has no membership system and is purely an alternative page to log in to domain1.com from). Is this possible out of the box or would I need to develop a page on domain1.com which authenticates the login request from domain2.com? Yes, you can reuse the auth page. Create a form in domain2.com pointing the auth uri in domain1.com Citing w3schools : the possible values of the

Bug: I've got an ASP.NET web application that occasionally sets identical cookie keys for ".www.mydomain.com" and "www.mydomain.com". I'm trying to figure out what default cookie domain ASP.NET sets, and how I accidentally coded the site to sometimes prepend a "." to the cookie domain. When 2 cookies have the same key and are sent up from the browser, the ASP.NET web application is unable to differentiate between the two because the domain value is not sent in the header. (See my previous question ) Evidence: I've enabled W3C logging on the web server and verified that both cookies are sent