I have a situation where my ASP.NET MVC
application can be loaded directly or in iframe
. It uses ASP.NET Identity
. When I open the site from iframe
, log in and after open the site directly it keeps me logged in. Is that a normal behavior? Is session shared between apps opened directly and in iframe
?
Here are more details: I have a site https://somesite.com
,
and it can be accessed directly or via another site using iframe
. I need slightly different designs and functionality depending on where the site is accessed from. I researched and the only good solution seems to have two different sites: https://somesite.com
, https://framed.somesite.com
. I don't need to share sessions between them. Authorization may also work independently. And I need one SSL certificate
for both sites.
Also, how would you organize projects in VS2015
in case the design and functionality is mostly the same. Would you have some setting in the config to differentiate and just publish two sites with different settings or would you create two different projects?
Best Answer
There was a simple solution. I just created a different sites in
IIS
which were using the sameSSL
certificate(via subdomains), so I have 2 sites set up inIIS
https://somesite.com
andhttps://framed.somesite.com
. The second one is just empty and it has a directory pointing to the directory of the first one. So they use the sameSSL
certificate, they have different sessions and some param is being set when opening fromiframe
and so I can differenciate between them.