Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at


  • Brian Manning 22 posts 43 karma points
    Apr 01, 2010 @ 15:54
    Brian Manning
    0

    Setting SQL Session Domain

    Is there a way to set a session cookie's domain name? I'm asking because I currently have one app running alongside Umbraco. The other app uses subdomains for localization, so the cookie's domain gets set to .domain.com, but umbraco is setting its session cookie's domain to umbraco.domain.com. They share the same database and the same session id correctly, but the domain is what's different.

    I was wondering if there's a setting in Umbraco to change this, or if I have to go into the source and make some modifications myself.

  • webangelo 107 posts 190 karma points
    Apr 01, 2010 @ 19:57
    webangelo
    0

    Brian,

    Did you try setting the cookie domain in your Forms Authentication info in the web.config on your umbraco instance?  You should have a forms authentication setting assuming the default similar to this...

        <authentication mode="Forms">
    <forms name="yourAuthCookie" loginUrl="login.aspx" protection="All" path="/" />
    </authentication>

    Using your domain.com example you could change it to this:

        <authentication mode="Forms">
    <forms name="yourAuthCookie" loginUrl="login.aspx" protection="All" path="/" domain="domain.com" />
    </authentication>

    Of course you would add the appropriate values for the other fields rather than use the default.

  • Brian Manning 22 posts 43 karma points
    Apr 02, 2010 @ 20:19
    Brian Manning
    0

    Thanks! I ended up using an HttpModule like this:


    public class AppCookie : IHttpModule
    {
        public AppCookie()
            {
        }

        public String ModuleName
        {
            get { return "AppCookie"; }
        }

        private HttpApplication _app = null;

        // In the Init function, register for HttpApplication
        // events by adding your handlers.
        public void Init(HttpApplication application)
        {
            application.PreRequestHandlerExecute +=
                (new EventHandler(this.Application_PreRequestHandlerExecute));
            _app = application;
        }

        private void Application_PreRequestHandlerExecute(Object source, EventArgs e)
        {
            if (HttpContext.Current.Session != null)
            {
                HttpCookie net_SessionId = _app.Response.Cookies["ASP.NET_SessionId"];

                if (net_SessionId == null)
                {
                    net_SessionId = new HttpCookie("ASP.NET_SessionId");
                }

                net_SessionId.Value = _app.Session.SessionID;
                net_SessionId.Domain = "." + System.Configuration.ConfigurationSettings.AppSettings["CMSAppUrl"].ToString();
            }
        }

        public void Dispose()
        {
        }
    }

    And registering it in Umbraco's web.config:

    <add name="AppCookie" type="AppCookie" />

    And that did the trick. It was similar to the method used in the other app, so I wanted to stay consistent.

  • Brian Manning 22 posts 43 karma points
    Apr 02, 2010 @ 20:19
    Brian Manning
    0

    Oops, forgot to code format it!

Please Sign in or register to post replies

Write your reply to:

Draft