Distributed scenarios?

[ransagy]

From reading the article, It seems to assume the services are on the same machine (particularly the usage of file system for the data protection storage).

Could this document elaborate on the best practice when those services aren't on the same machine?

I'm aware of IAuthenticationSessionStore in OWIN Cookie middleware and ASP.NET Core's ITicketStore that can be used. The latter can utilize IDistributedCache and the built in implementations for it, But i can't see any known implementations for those scenarios for OWIN. The other part would be where and how to store the data protection keys in a distributed manner.

Advice appreciated :)

---

Document Details

⚠ Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.

• ID: 99307104-c0d7-3e82-f0b2-af61dcfe072a
• Version Independent ID: 315c02cb-54c4-e386-da85-6e4311ca10c2
• Content: Share authentication cookies among ASP.NET apps
• Content Source: aspnetcore/security/cookie-sharing.md
• Product: aspnet-core
• Technology: aspnetcore-security
• GitHub Login: @Rick-Anderson
• Microsoft Alias: riande

[ransagy]

This seems to be explained in the Data Protection part of the documentation; Perhaps add a section refering to that?

[Rick-Anderson]

Thank you for contacting us. Due to a lack of activity on this discussion issue we're closing it in an effort to keep our backlog manageable. If you believe there is a concern which hasn't been addressed, please file a new issue.