I started working on a windows forms authentication project, which uses nhibernate, and has some management pages for managing user settings, such as resetting user password. This forms based authentication uses session state in order to save the user's authentication information. I will be using a special authentication attribute in order to determine whether the user has access to the application. Since the authentication method is it's own mosaic of object relational mapping code, attributes, repositories, and asp.net mvc pages, I was thinking I could run this application as it's own project on a web server, and I could use this authentication scheme for authenticating multiple applications. The only way to do this would be to save session state to the database instance and share it with the other applications. Does this sound like a correct solution? Or is there something more sophisticated I should be looking into?
Code is not really required at this point, it's just the question as to whether sharing sesssion state with other applications is the correct move, or whether I should be looking into something more sophsticated.
Additionally do other databases support session state sharing for asp.net mvc?
This is a C# asp.net mvc application. I am using nhibernate, and I have looked at some java applications. The Java way seems to be to store authentication info as a session variable, unlike entity framework/Identity framework which has some sort of cookie/Ticket setup. I don't really think there is a way to inject into the server's session state, but I could be wrong. Insights welcome.