Sharing ASP.NET cookies across sub-domains
set the property of Domain to ".mydomain.com" in each Cookies of two subdomains websites
like
Response.Cookies["test"].Value = "some value";Response.Cookies["test"].Domain = ".mysite.com";UPDATE 1
in Site
HttpCookie hc = new HttpCookie("strName", "value");hc.Domain = ".mydomain.com"; // must start with "."hc.Expires = DateTime.Now.AddMonths(3);HttpContext.Current.Response.Cookies.Add(hc);In Site B
HttpContext.Current.Request.Cookies["strName"].ValueTry It
Regards
Add new cookie and specify domain like this
HttpCookie cookie = new HttpCookie("cookiename", "value");cookie.Domain = "domain.com";For forms authentication set this in web.config
<forms name=".ASPXAUTH" loginUrl="login.aspx" protection="All" timeout="30" path="/" requireSSL="false" domain="domain.com"></forms>The cookie will be accessible to all the subdomains.
In order for each domain to decrypt the the cookie, all web.config files must use the same encryption/decryption algorithm and key. (how to create a machine key)
Example:
// do not wrap these values like this in the web.config// only wrapping for code visibility on SO<machineKey validationKey="21F090935F6E49C2C797F69BBAAD8402ABD2EE0B667A8B44EA7DD4374267A75 D7AD972A119482D15A4127461DB1DC347C1A63AE5F1CCFAACFF1B72A7F0A281 B" decryptionKey="ABAA84D7EC4BB56D75D217CECFFB9628809BDB8BF91CFCD64568A145BE59719 F" validation="SHA1" decryption="AES"/>For easier deployments, these values can be stored in a separate file:
<machineKey configSource="machinekey.config"/>For added security you can also encrypt the machine key for further protection..
If you're using Forms authentication on all of your sub domains, all you need to do is to add domain=".mydomain.com" property to the <forms> node in your web.config
Note the leading period in .mydomain.com
This simple change by itself will make your authentication cookie valid in all sub-domains; no need to manually set any cookies.