Hello,

I've got a bunch of web-portals that customers use to log-in and see =
their data.  In a production environment, each of these has a completely =
different domain name, but they all point back to one web-server/same =
IP, they just have different applications configured in IIS.

I've created an authentication cookie, where a master user can hop from =
one site to another, and not have to keep logging in.  This works fine =
on my test box, but I've just realized that from IE's perspective, it's =
all the same host.

I'd like to be able to access these cookies from any site, but I realize =
for security reasons, you can't read a cookies set from another site.  =
In my case though, they really aren't set from another site.  Am I out =
of luck when it comes to accessing these cookies?

--Michael

[ Post a follow-up to this message ]

I don't think you can do that to be honest.

Why not just use a DB instead of cookies btw? (for the master users anyway)

--

Regards

Steven Burn
Ur I.T. Mate Group
www.it-mate.co.uk

Keeping it FREE!


"Raterus" <raterus@spam.org> wrote in message
news:uyR57kfXEHA.1656@TK2MSFTNGP09.phx.gbl...
Hello,

I've got a bunch of web-portals that customers use to log-in and see their
data.  In a production environment, each of these has a completely different
domain name, but they all point back to one web-server/same IP, they just
have different applications configured in IIS.

I've created an authentication cookie, where a master user can hop from one
site to another, and not have to keep logging in.  This works fine on my
test box, but I've just realized that from IE's perspective, it's all the
same host.

I'd like to be able to access these cookies from any site, but I realize for
security reasons, you can't read a cookies set from another site.  In my
case though, they really aren't set from another site.  Am I out of luck
when it comes to accessing these cookies?

--Michael

[ Post a follow-up to this message ]

Well my goal was to have them not have to log in again, if I use a DB =
(which I am), they are going to have to provide something to =
authenticate themselves, I was hoping it could be a preset cookie.

"Steven Burn" <pvt@noyb.com> wrote in message =
news:On6E6mfXEHA.4032@TK2MSFTNGP11.phx.gbl...
> I don't think you can do that to be honest.
>=20
> Why not just use a DB instead of cookies btw? (for the master users =
anyway)
>=20
> --
>=20
> Regards
>=20
> Steven Burn
> Ur I.T. Mate Group
> www.it-mate.co.uk
>=20
> Keeping it FREE!
>=20
>=20
> "Raterus" <raterus@spam.org> wrote in message
> news:uyR57kfXEHA.1656@TK2MSFTNGP09.phx.gbl...
> Hello,
>=20
> I've got a bunch of web-portals that customers use to log-in and see =
their
> data.  In a production environment, each of these has a completely =
different
> domain name, but they all point back to one web-server/same IP, they =
just
> have different applications configured in IIS.
>=20
> I've created an authentication cookie, where a master user can hop =
from one
> site to another, and not have to keep logging in.  This works fine on =
my
> test box, but I've just realized that from IE's perspective, it's all =
the
> same host.
>=20
> I'd like to be able to access these cookies from any site, but I =
realize for
> security reasons, you can't read a cookies set from another site.  In =
my
> case though, they really aren't set from another site.  Am I out of =
luck
> when it comes to accessing these cookies?
>=20
> --Michael
>=20
>

[ Post a follow-up to this message ]

Dear Raterus,

I belive you can send cookies across domains. I have read an article
on achieving the same earlier.

Make a quick search in Google with the keywords "send cookies across
domains" and you will be pointed to some useful articles

Please let me know if this still cannot be solved.

Ciao,
Vijay

[ Post a follow-up to this message ]