keep forms auth session between sites iis web.config

Question

I have several sites where I am now required to maintain the same session for everyone, without having to log in every time a site is opened.

I have the following configuration on my sites.

    <authentication mode="Forms">
      <forms loginUrl="~/Account/Login.aspx" defaultUrl="~/Default.aspx" timeout="2880" slidingExpiration="true" name=".ApplicationsManagerSessionCookie" />
    </authentication>
    <authorization>
      <deny users="?" />
    </authorization>

The only thing that changes between each site is the value of the name attribute.

I have tried the following configurations

1. remove the attribute name

<authentication mode="Forms">
      <forms loginUrl="~/Account/Login.aspx" defaultUrl="~/Default.aspx" timeout="2880" slidingExpiration="true" />
    </authentication>
    <authorization>
      <deny users="?" />
    </authorization>

2. add the domain name

    <authentication mode="Forms">
      <forms loginUrl="~/Account/Login.aspx" defaultUrl="~/Default.aspx" timeout="2880" slidingExpiration="true" domain="foo.com" />
    </authentication>
    <authorization>
      <deny users="?" />
    </authorization>

3. add the domain name and path

    <authentication mode="Forms">
      <forms loginUrl="~/Account/Login.aspx" defaultUrl="~/Default.aspx" timeout="2880" slidingExpiration="true" domain="foo.com" path="/" />
    </authentication>
    <authorization>
      <deny users="?" />
    </authorization>

4. use the same attribute name

    <authentication mode="Forms">
      <forms loginUrl="~/Account/Login.aspx" defaultUrl="~/Default.aspx" timeout="2880" slidingExpiration="true" name="._SessionCookie" />
    </authentication>
    <authorization>
      <deny users="?" />
    </authorization>

It is worth mentioning that the application is asp.net webforms

Login.aspx.cs

if (string.IsNullOrEmpty(Request.QueryString["ReturnUrl"]))
{
    FormsAuthentication.SetAuthCookie(_key.User, false); //guardamos el login
    Response.Redirect("~", false); //redireccionamos a la pagina principal
}
else
{
    FormsAuthentication.RedirectFromLoginPage(_key.User, false);
}

How can i solve this?

Answer 1

To configure forms authentication across applications, you set attributes of the forms and machineKey sections of the Web.config file to the same values for all applications that are participating in shared forms authentication.

More information you can refer to this link: Forms Authentication Across Applications.