redirection between asp .net interfaces using cookies without querystring

Question

I have two asp .net interfaces:

  1. app1.domain.com
  2. app2.domain.com

In default page of both, there is a link button from which we can switch between them. Previously we use query strings to pass username and password. But now we want to use cookies. So in click event of link button, I have code like this:

    HttpCookie cookie = new HttpCookie("MYCookie", Guid.NewGuid().ToString());
    cookie.Domain = "domain.com";
    cookie.Expires = DateTime.UtcNow.AddHours(1);
    cookie.HttpOnly = false;
    cookie.Secure = true;

    cookie.Values.Add("Username", Username.ToString());
    cookie.Values.Add("UserId", UserId.ToString());
    Response.Cookies.Add(cookie);
    Response.Redirect(destinationAddress);

Now, in default page of other application am reading cookie as:

    protected override void InitializeCulture() {
     if (Request.Cookies["MYCookie"] != null) {
       HttpCookie cookie = null;
      cookie = Request.Cookies.Get("MYCookie");
         }
      }

but here am finding Request.Cookies["MYCookie"] as null. Am i missing anything? Please advice.

possible duplicate of [Sharing ASP.NET cookies across sub-domains](http://stackoverflow.com/questions/7589630/sharing-asp-net-cookies-across-sub-domains) — Jamie Dixon, Apr 27 '12 at 08:00

score 0 · Answer 1 · answered Apr 27 '12 at 08:01

0

It looks to me like the problem is your domain.

Change cookie.Domain = "domain"; to be cookie.Domain = ".domain.com";

answered Apr 27 '12 at 08:01

Jamie Dixon

53,019
19
125
162

I have customized it in web.config file as domain.com... But it didnot help – Sanjay Surendra Apr 27 '12 at 08:04
You need the leading dot `.` Do you have that? – Jamie Dixon Apr 27 '12 at 08:05

score 0 · Answer 2 · answered Apr 27 '12 at 08:01

0

I think you need to add HttpCookie same Path property for both app1 and app2

answered Apr 27 '12 at 08:01

Zayar

347
2
11

Do you mean like this? cookie.Path = "/default.aspx"; – Sanjay Surendra Apr 27 '12 at 09:09
@Sanjay the last thing i can think of is Machine key. You can read this post http://stackoverflow.com/questions/4312020/single-sign-on-in-asp-net-cookie-name-machinekey-and-what-more – Zayar Apr 27 '12 at 10:08

Nagarajan Ganesh · Answer 3 · 2012-05-10T12:36:24.053

Response.Redirect generates ThreadAbortException. All the changes made in your cookie will be lost. so you can use,

<meta http-equiv="Refresh" content="10; URL=your url" />

c# code:

System.Web.UI.HtmlControls.HtmlMeta meta = new System.Web.UI.HtmlControls.HtmlMeta();
meta.HttpEquiv = "Refresh";
meta.Content = "10; URL=your url";
Page.Header.Controls.Add(meta);

And set you cookie as like

cookie.Domain = ".domain.com";

redirection between asp .net interfaces using cookies without querystring

3 Answers3