Form Authentication / cookies across two domains, one within a frame

Form Authentication / cookies across two domains, one within a frame

Post by SMH » Sat, 04 Mar 2006 04:32:15


>From my research, I do not believe there is a standard way to allow for
a session cookie to pass it's authentication to my asp program when I
am in a frame of a site different than the domain where my asp program
lies. (prior to dot.net 2.0, I am at 1.1) per this post, from Dominick
Baier: http://www.yqcomputer.com/

My situation isas follows:

asp program, on smh.com is running within a frame on abc.com - Thus,
Form Authentication is not successful in validating a user on smh.com

If there is code that will allow me to "white list" the abc.com domain
and thus allow the authentication to occur, it would of course be
seemless to my users.

I have found that, if I add smh.com to the trusted sites list in IE6 of
the end user, the authentication completes successfully.

In the interest of at least saving "one" step for my users, I would
like to have a script that recognizes the aforementioned scenario
(smh.com in frame of abc.com) and presents an option to add smh.com to
the user's trusted sites list.

Any ideas?

Thanks in advance for any suggestions-

Stuart