S
Sabotage
Hi all,
I've got a .NET application where users authenticate using Form
Authentication and then they're assigned to Admin or User roles. Admins are
allowed to modify data and Users have read-only permissions. After data is
modified I'd like Admins to be able to preview data in the new browser
window which would open in the User mode.
To implement this scenario I set up two Virtual directories - Live and
Preview. The Admin logs into the Live site, FormsAuthenticationTicket is
created and the user is assigned to the Admin role. When he clicks the
preview button, a new browser window opens the Preview site,
FormsAuthenticationTicket is created and the user is asigned to the User
mode. The problem is that after Preview site opens the user can work on the
Preview site, but the authentication ticket is set to NULL on the Live site
and the user is redirected to the login page.
Could someone advice me if there is any way to isolate those two
applications that the same user could work with two applications on the same
machine at the same time, but would be assigned to different roles in each
application?
Adding
<machineKey validationKey="AutoGenerate,IsolateApps"
decryptionKey="AutoGenerate,IsolateApps" validation="SHA1" decryption="Auto"
compatibilityMode="Framework20SP1" />
to web.config files does not work....
Thanks
Darius
I've got a .NET application where users authenticate using Form
Authentication and then they're assigned to Admin or User roles. Admins are
allowed to modify data and Users have read-only permissions. After data is
modified I'd like Admins to be able to preview data in the new browser
window which would open in the User mode.
To implement this scenario I set up two Virtual directories - Live and
Preview. The Admin logs into the Live site, FormsAuthenticationTicket is
created and the user is assigned to the Admin role. When he clicks the
preview button, a new browser window opens the Preview site,
FormsAuthenticationTicket is created and the user is asigned to the User
mode. The problem is that after Preview site opens the user can work on the
Preview site, but the authentication ticket is set to NULL on the Live site
and the user is redirected to the login page.
Could someone advice me if there is any way to isolate those two
applications that the same user could work with two applications on the same
machine at the same time, but would be assigned to different roles in each
application?
Adding
<machineKey validationKey="AutoGenerate,IsolateApps"
decryptionKey="AutoGenerate,IsolateApps" validation="SHA1" decryption="Auto"
compatibilityMode="Framework20SP1" />
to web.config files does not work....
Thanks
Darius