asp.net 二级域名表单认证情况下共享Cookie

   二级域名之间共享Cookie，很重要的一点就是配置,如下：

domain设置为.ahdqxx.com，如果你的域名是www.ahdqxx.com,mall.ahdqxx.com,那么请设置你的domain为.ahdqxx.com

path设置为/

<authentication mode="Forms">
      <forms name="DQ.AUTH" loginUrl="http://www.ahdqxx.com/Login/Index" protection="All" domain=".ahdqxx.com" timeout="43200" path="/" requireSSL="false" slidingExpiration="true" />
    </authentication>

第二重点的就是登陆时候Cookie设置，

不要忘记使用之前配置的东西来设置 Cookie（FormsAuthentication.FormsCookiePath，FormsAuthentication.CookieDomain）

      public virtual void SignIn(Customer customer, bool createPersistentCookie)
        {
            var now = DateTime.UtcNow.ToLocalTime();

            var userdata = JsonConvert.SerializeObject(new SimpleUser { Name = _customerSettings.UsernamesEnabled ? customer.Username : customer.Email, ID = customer.CustomerGuid });

            var ticket = new FormsAuthenticationTicket(
                1 /*version*/,
                _customerSettings.UsernamesEnabled ? customer.Username : customer.Email,
                now,
                now.Add(_expirationTimeSpan),
                createPersistentCookie,
                userdata,
                FormsAuthentication.FormsCookiePath);



            var encryptedTicket = FormsAuthentication.Encrypt(ticket);

            var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);
            cookie.HttpOnly = true;
            if (ticket.IsPersistent)
            {
                cookie.Expires = ticket.Expiration;
            }
            cookie.Secure = FormsAuthentication.RequireSSL;
            cookie.Path = FormsAuthentication.FormsCookiePath;
            if (FormsAuthentication.CookieDomain != null)
            {
                cookie.Domain = FormsAuthentication.CookieDomain;
            }

            _httpContext.Response.Cookies.Add(cookie);
            _cachedCustomer = customer;
        }

容易犯得的错误，如果你在配置中使用了machineKey节点，请保证相关站点使用相同的machineKey