How to I run same ASP.NET 3.5 website on 2 different ports via IIS server

Question

0.00/5 (No votes)

See more:

I have developed a employee leave tracking website using asp.net 3.5 which i am hosting through IIS 7.0 server on my company intranet.
i have deployed the website twice for two seperate departments on same server so they have same ip address but port no 9696 & other on port no 9797
Now the issue is that both website share cookies and i cannot login into both the website at the same time using the same browser.

Is there no way to keep the application cookies seperated from other website if they are hosted on same server but different port altogether.

What I have tried:

tried renaming the cookies in the both the websites only thing that works is opening the app in a seperate browser

Posted 2-Nov-17 20:18pm

Christopher Fernandes

Updated 6-Nov-17 9:24am

Add a Solution

1 solution

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Richard Deeming · Accepted Answer · 2017-11-06T09:24:00

Cookies are not port-specific.

There was a suggestion to add this feature back in 2000 in RFC 2695[^]; but that was replaced in 2011 by RFC 6265[^], which makes no mention of the port= attribute. AFAIK, no browser ever supported the Set-Cookie2 header or the port attribute.

The closest equivalent is the "Secure" flag, which indicates that the cookie should only be sent with HTTPS requests. But cookies without this flag set will still be sent for both HTTP and HTTPS requests, so it won't solve your problem.

You have three options:

Rename the cookies (on one version of the site only!)
You'll need to make sure you update every single usage, including the built-in settings for session and authentication.
Put both versions on different paths, and add the path to the cookie
So you'll have http://yourserver:9696/path1/ and http://yourserver:9797/path2/.
Again, you'll need to get every single cookie to use the correct path.
Give each version a different host name
Set up two A records on your internal DNS pointing to the server, and set up the host headers in IIS so that each version responds to a single record.
Eg: http://app1.yourserver.local/ and http://app2.yourserver.local