How can I share .net (C#) based authenticated session between web forms and MVC2 applications?

Question

We have a small application we built in our spare time using the latest mvc3 and Entity Framework .net libraries available at the time, and deployed it. The management liked

Answer 1

Forms authentication uses cookies to track users. Cookies can only be shared between the same domain. So for example if you had app1.foo.com and app2.foo.com simply configure those two applications to share the same domain cookie. For example both web.config should share the same forms authentication configuration:

You also must ensure that both application share the same machine keys because an authentication cookie emitted by app1 needs to be decrypted by app2 with the same keys.