FormsAuthentication Cookie Name and Domain

Posted by Community Admin on 03-Aug-2018 22:08

FormsAuthentication Cookie Name and Domain

All Replies

Posted by Community Admin on 04-Jan-2011 00:00

1.  Is it possible to change the name of the forms authentication cookie that Sitefinity 4.0 uses?

2.  Is it possible to set the cookie at the domain level - rather than at the host level?

I would like the SF authentication cookie to be shared with other sites on the same domain.  I am accustomed to accomplishing this with a <forms.../> element in the web.config - something along the lines of:

<authentication mode="Forms">
  <forms
    name=".CustomCookieName"
    loginUrl="login.aspx"
    domain=".somedomain.com"
    enableCrossAppRedirects="true" />
</authentication>

I have read in other posts that the official Sitefinity 4.0 release, later this month, will have SSO functionality.  Interested to hear whether this release wil answer my question or not.

Posted by Community Admin on 05-Jan-2011 00:00

Hi Valerie,

You can change the name of the Authentication cookie and HttpCookie.Domain from Sitefinity >> Administration >> Settings >> Advanced >> Security.

By default AuthCookieDomain is set to an empty string. The AuthCookieName is .SFAUTH

Sitefinity uses its own security mode and generally we get all settings from our configuration files located under App_Data/Sitefinity/Configuration folder.

Kind regards,
Ivan Dimitrov
the Telerik team

Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items

Posted by Community Admin on 05-Jan-2011 00:00

Great - very simple to change the cookie name and domain.  Thanks Ivan!

Posted by Community Admin on 01-Jun-2016 00:00

I want to change the domain of .ASPXAUTH cookie. How should I do it from Sitefinity end?

This thread is closed