New Zealand's new Copyright Law presumes 'Guilt Upon Accusation' and will Cut Off Internet Connections without a trial. is against this unjust law - help us

A Space for All Things .NET Related

Just Read The Manual

By James Hippolite, in , posted: 6-Sep-2007 08:21

Kiaora Team,

I just discovered something interesting/important:

  • Use a separate cookie name (using the name attribute of the <forms> element) and path for each Web application.  This will ensure that users who are authenticated against one application are not treated as authenticated when using a second application hosted by the same Web Server.

-         Building Secure ASP.NET Applications

-         Patterns and Practices

So, this means that my web.config should look like this from now on:

<authentication mode="Forms">

<forms name="StanleyAuth"






      <deny users="?"/>





Other related posts:
Geek Post Monthly Newsletter Volume 2 Issue 6
Exam 70-300 Objective 3

Add a comment

Please note: comments that are inappropriate or promotional in nature will be deleted. E-mail addresses are not displayed, but you must enter a valid e-mail address to confirm your comments.

Are you a registered Geekzone user? Login to have the fields below automatically filled in for you and to enable links in comments. If you have (or qualify to have) a Geekzone Blog then your comment will be automatically confirmed and shown in this blog post.

Your name:

Your e-mail:

Your webpage:

JamesHip's profile

James Hippolite
New Zealand

Welcome to my technical blog. 

Here, I attempt to distill the Microsoft Certified Professional Developer knowledge I have accumulated since first qualifying MCP in 1996.  This blog started on 13 September 2007 as an off-shoot from my mixed up personal blog.  But it took a shot in the arm from Scott Hanselman's talk at TechEd New Zealand 08 "32 Ways To Make Your Blog Suck Less".