I’ve had this issue twice now, and both times when I did my search I would end up this popular Stack Overflow question but adding an answer to a popular question that doesn’t directly* answer the question will get the attention of down vote police.
*For some values of direct.
So I’ll just have to blog it here, and maybe the comment will help someone out who is likely to end up on that question, at least until the comment is flagged as unconstructive or offensive because “somewhat related” isn’t in the spirit of StackOverflow.
So with the grievance aired.
Objective
To be able to have subdomain1.machine-name and subdomain2.machine-name share a cookie locally via forms authentication.
Steps
To go about achieving the saving of an authentication cookie valid across multiple domains locally under IIS.
Configurations
The most important thing here is to ensure that your local domain has at least ‘.’ in it. I often try to just have it be the machine name, this does not work, so I select something like the .app suffix.
Authentication configuration section in web.config:
<authentication mode="Forms">
<forms loginUrl="~/login" timeout="2880" domain="pic-nick.app" />
</authentication>
IIS Setup
Will look like this:
HOSTS File
Done
There we go, with this set up you can go to red. and blue. and have it share the authentication cookie to be logged into your app across sub domains locally.
Troubleshooting
I also ran into some extra issues on Windows 8 similar to this StackOverflow question.
Exception from IIS:
HTTP Error 500.19 – Internal Server Error
The requested page cannon be access because the related configuration data for this page is invalid.
This configuration section cannot be used at this path. This happens when the section is locked at a parent level. Locking is either by default (overrideModeDefault=”Deny”), or set explicitly by a location tag with overrideMode=”Deny” or the legacy allowOverride=”false.
To solve this you need to probably enable some Windows Features related to Security and .NET.
