There is no code for this example as of yet because I'm after a conceptual answer.
Say I have an MVC application hosted at mydomain.com. I have a set of admin tools that are available at mydomain.com/admin. There is an attribute on the admin controller that looks for a session variable indicating whether the user is logged in or not. If not it redirects to a login page, sets the session variable and all is good. I'm fine with this .. I understand how it works.
Now say that I have another 'sub-application' at mydomain/blog. This is a separate virtual directory that has a similar security mechanism that locks down mydomain/blog/admin.
If a user is logged into /mydomain/admin (ie the session variable is set) can I then redirect them to /blog/admin/index in such a way that the session variable is passed through to this separate application. My assumption is that the session variables for the two virtual directories are distinct.
The essence of this is a way to add modular tools to a web application. If a module is installed, I want to place a link or menu that will take them to the specific module's tool-set without having to authenticate again.
One caveat, this would more than likely have to work with shared hosting scenarios where I may not have access to IIS configuration. In the scenario where I do have IIS access I would obviously have other options that I understand, but I specifically need this to work without that level of control or access.
I hope that makes sense. Please ask for any clarification.
Thanks. Simon.
