Multiple logins from one browser - Sitefinity - General Discussions

All Replies

Posted by Community Admin on 02-Dec-2010 00:00

We have two domains pointing to the same instance of Sitefinity. If I login on one domain, I would like to also be able to login on the the other domain without logging me out of the first one. Not talking about single sign-on... just the ability to login to both of them separately, from the same machine, and from the same browser. I know there's been plenty of discussion already about the concurrent backend user restrictions, but if we can get this to distinguish between a user logged in from multiple machines, and a user logged in multiple times on the same browser, then it will save us a lot of trouble creating two logins for everyone that needs backend access.

I have a related scenario where we want to login on a separate application on a virtual directory of the main site. I'm authenticating with SF through a web service call, setting the cookie, and it logs me in (by using the forms cookie name .SFAUTH in the web.config). As soon as I browse to the main site, it automatically logs me out (only if I'm a backend user) and you can see the .SFLOG cookie show up. This was actually working fine with beta2 but not in RC. I'm wondering if there is a way to do this, maybe a step that I'm missing to set the cookie properly from the other app. I can post code if it helps. The change I suggested in the first paragraph I believe would also solve this problem since we're doing it all in the same window/session.

Any chance there are additional refinements planned for the concurrent user restrictions in upcoming releases? Any other suggestions for dealing with these two scenarios?

Thanks,

Matt

Posted by Community Admin on 08-Dec-2010 00:00

Hello Matt,

Right now we are counting the concurrent users per application, no matter how many subdomains the application serves content to. The only difference we are planning is to have the concurrent users counted if they are in the back-end area, or if they edit content.

Can you please paste the code indeed? It will help us a lot.

Thanks for your cooperation.

All the best,
Georgi
the Telerik team

Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items

Posted by Community Admin on 09-Dec-2010 00:00

We actually don't expect to exceed 5 total backend users across all subdomains... I just want to be able to login to sub1.domain.com and navigate over to sub2.domain.com and have it recognize that I'm already logged in. Currently Sitefinity ties the cookies to sub1.domain.com and as a result those cookies are ignored when I navigate to other subdomains.

If I do in fact have to login again on sub2.domain.com, I would prefer that it not force me to log out of sub1.domain.com, so I can switch back and forth, but as a side effect of your concurrent user restrictions, it won't let me stay logged in to both if I'm a backend user.

I see a few possible fixes for this:

1) We create a separate login for each backend user so that the concurrent user restrictions don't interfere with our ability to login to more than one subdomain.

2) Can sitefinity be configured to tie the cookie to the second level domain (.domain.com)? I know how to do this in the web.config for standard forms authentication, but sitefinity doesn't completely support this, and this obviously doesn't account for multiple second level domains pointing to the same installation. Let me be clear that I'm not looking for logins across domains... just subdomains on each domain, but the installation will need to host more than one domain.

3) Sitefinity recognizes that the user is trying to login twice from the SAME BROWSER and thus does not force the logout from the other subdomain.

Option #1 is easy for us, but is not preferred, and of course doesn't solve the problem of having to login to both subdomains. Option #2 would require a change to Sitefinity, or the ability to override and customize the approach used to set cookie domains. What are the chances of getting #2 or #3 in the near future? Seems that it would be easy for you to give us the option to tie the cookies to the whole domain. Thoughts?

Thanks,

Matt

Posted by Community Admin on 14-Dec-2010 00:00

Hi Matt,

We'll accept the subdomain as a feature request and will try to handle it in the best possible way. Right now it's hard to configure Sitefinity's cookie for a subdomain.
We will cover this scenario once the multi-site management is done. We will be able to tell you more on this soon.

All the best,
Georgi
the Telerik team

This thread is closed