View Full Version : Using ASP.NET Membership doesn't recognize login from shared secured to unsecured

March 5th, 2011, 01:25 PM
I'm am using ASP.NET membership and am using the shared SSL. The problem that I am having is when I use the shared SSL to login, the unsecured pages do not recognize that the user is logged in, only the secured pages. If I use an unsecured page for the login, the secured pages do not recognize the login. For example, if I log in on https://secure3.ezhostingserver.com/whatever-com/Account/Login.aspx and the login is successful - if I look at any page that starts with https://secure3.ezhostingserver.com/whatever-com/ the user is logged in but if the page is an unsecured page (http://www.whatever.com/) , the user is not logged in. The other way around is also true (login on http://www.whatever.com/Account/Login.aspx not recoginzed on any page starting with https://secure3.ezhostingserver.com/whatever-com/). Is there anything I can do to fix this problem? Do I need to go to a dedicated SSL and would that fix the problem.

Thanks in advance to anyone who can help me with this problem.

March 5th, 2011, 03:53 PM

Because the Shared SSL address is technically a different site, visitors to that site will have different session values than what the non-ssl site assigned them. As such, you would have to set up a custom solution that tracks the session variables through a database (or something similar).

The quickest way to avoid this situation altogether would be to use a Dedicated SSL certificate on the site.