Is there a way to set a session cookie's domain name? I'm asking because I currently have one app running alongside Umbraco. The other app uses subdomains for localization, so the cookie's domain gets set to .domain.com, but umbraco is setting its session cookie's domain to umbraco.domain.com. They share the same database and the same session id correctly, but the domain is what's different.
I was wondering if there's a setting in Umbraco to change this, or if I have to go into the source and make some modifications myself.
Did you try setting the cookie domain in your Forms Authentication info in the web.config on your umbraco instance? You should have a forms authentication setting assuming the default similar to this...
public class AppCookie : IHttpModule { public AppCookie() { }
public String ModuleName { get { return "AppCookie"; } }
private HttpApplication _app = null;
// In the Init function, register for HttpApplication // events by adding your handlers. public void Init(HttpApplication application) { application.PreRequestHandlerExecute += (new EventHandler(this.Application_PreRequestHandlerExecute)); _app = application; }
Setting SQL Session Domain
Is there a way to set a session cookie's domain name? I'm asking because I currently have one app running alongside Umbraco. The other app uses subdomains for localization, so the cookie's domain gets set to .domain.com, but umbraco is setting its session cookie's domain to umbraco.domain.com. They share the same database and the same session id correctly, but the domain is what's different.
I was wondering if there's a setting in Umbraco to change this, or if I have to go into the source and make some modifications myself.
Brian,
Did you try setting the cookie domain in your Forms Authentication info in the web.config on your umbraco instance? You should have a forms authentication setting assuming the default similar to this...
Using your domain.com example you could change it to this:
Of course you would add the appropriate values for the other fields rather than use the default.
Thanks! I ended up using an HttpModule like this:
public class AppCookie : IHttpModule
{
public AppCookie()
{
}
public String ModuleName
{
get { return "AppCookie"; }
}
private HttpApplication _app = null;
// In the Init function, register for HttpApplication
// events by adding your handlers.
public void Init(HttpApplication application)
{
application.PreRequestHandlerExecute +=
(new EventHandler(this.Application_PreRequestHandlerExecute));
_app = application;
}
private void Application_PreRequestHandlerExecute(Object source, EventArgs e)
{
if (HttpContext.Current.Session != null)
{
HttpCookie net_SessionId = _app.Response.Cookies["ASP.NET_SessionId"];
if (net_SessionId == null)
{
net_SessionId = new HttpCookie("ASP.NET_SessionId");
}
net_SessionId.Value = _app.Session.SessionID;
net_SessionId.Domain = "." + System.Configuration.ConfigurationSettings.AppSettings["CMSAppUrl"].ToString();
}
}
public void Dispose()
{
}
}
And registering it in Umbraco's web.config:
<add name="AppCookie" type="AppCookie" />
And that did the trick. It was similar to the method used in the other app, so I wanted to stay consistent.
Oops, forgot to code format it!
is working on a reply...