Having trouble sharing an Identity Cookie (using ASP.NET Core v2) across multiple web applications
On my development environment, cookies are shared automatically (as it's localhost
) - and that works fine!
When dealing with MS Azure, I've tried to set the cookie domain to .azurewebsites.net
- to allow two web apps (e.g. app1.azurewebsites.net
and app2.azurewebsites.net
) to share a cookie.
Using the cookie configuration (abbreviated) like so:
public IServiceProvider ConfigureServices(IServiceCollection services)
{
services.ConfigureApplicationCookie(options =>
{
options.Cookie.Domain = ".azurewebsites.net";
}
}
However, when I deploy the main site (the one that generates cookies from logins) to Azure, I can't even login. The .AspNetCore.Application.Identity
cookie doesn't even get returned after entering username/password (or social logins)
I've also tried the solution here: https://stackoverflow.com/a/44310683/1025394
With no success
Question is: Is there possibly any filtering going on the Azure side of things? Stopping me from setting a cookie for .azurewebsites.net
? Maybe for Security purposes?
See Question&Answers more detail:
os 与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…