Aug 10, 2010 at 3:25 AM
Edited Aug 10, 2010 at 3:26 AM
Previously, I have implemented two separate ASP.NET Web Applications, one as a virtual application in a subfolder of the other, which successfully shared forms authentication as described at
(basically, setting up identical forms sections in the Web.config, and keys in the
Now, I am trying to do something similar to get BlogEngine.NET to work sharing forms authentication with a Web Application of mine. I have tried both putting it as a virtual application in a subfolder, and setting it up as a separate IIS site (same domain name,
different port number), but I can't get the authentication to work at all: when I go to the blog while logged in to my Web Application, Page.User.Identity.IsAuthenticated is always still "false".
Is it possible that things are different due to BlogEngine being a Web Site, not a Web Application? I never use Web Sites normally so I'm not 100% clear on what differences there are in their behaviour.
I'm really not sure how to even start debugging this, since the forms authentication is handled before any of my code runs.
authentication section of the two Web.configs are the same:
<forms path="/" domain="localhost" timeout="129600" name=".WebSiteName" protection="All"
slidingExpiration="true" loginUrl="/admin/login.aspx" cookieless="UseCookies"/>
And machineKey also:
validation="SHA1" decryption="AES" />
And I have added my site's MembershipProvider and RoleProvider to BlogEngine's Web.config and made them the defaults.
Does anyone have any suggestions as to what I should check or try?