After authorization on Web.Mvc project, user no longer authorized on Web.Public project and vice versa.
Identity server is enabled by default.
OpenId is enabled. I also set options.RequireHttpsMetadata to false to be able to test it on default ports.
I configured Web.Public according to [http://docs.identityserver.io/en/release/quickstarts/3_interactive_login.html])
But looks like, it uses JWT authentication by default.
Public website uses the same login page with the non-public website. So when you click login button on Public website, it redirects you to the one and only login page with a returnUrl. After successful login you turn back to the Public website. Check that you have the marked cookies after successful login. If you have them, check the domains. Different domain names will not allow you share the cookies btw Public and The Not Public.[attachment=0:28rm3g3e]cookie.jpg[/attachment:28rm3g3e]
Thank you for screencast, sorry, I didnt make my problem clear.
Here are my steps:
- Create latest aspnetzero template. Start both sites. Make sure they are opened in the same browser. (vs 2017 may start each site in separate browser process, so just copy the path of one of them and create new tab. It's important for step 4)
- Clear cookies on both sites, just in case and refresh the pages.
- Login to Web.Mvc on localhost:62114. Now we see dashboard.
- Switch to Web.Public on localhost:45776 and login. We login automatically, since we have already made it in previous step. You should not see login screen.
- Switch back to localhost:62114 and refresh page. We are not authorized anymore on Web.Mvc, so it redirect us on login screen. The cookie is different now for some reason. And that is my problem.