I am trying to access the Page Editor of a website inside my solution while logged onto PE of another website in the same Sitecore solution. I'm doing that by writing the URL of the site I'm trying to reach followed by "/?sc_mode=edit". My problem is that I'm redirected to the Sitecore login page. The two websites have different security domains. This only started occurring after upgrading our solution from Sitecore 6.5 to Sitecore version 7.1 Is this a change in the Sitecore behaviour, or are there any settings that I'm neglecting for allowing such behaviour? I would like to access the other site's PE without having to authenticate myself again.
Update
For clarity, I'm adding more details on the specific functionality that I'm trying to fix: we have a custom status bar on our website's PE that allows the user to select another site from the solution and navigate to its PE. The code for achieving this is implemented inside a layout file in /sitecore/admin, called AutoLogin.aspx
Each time the user selects another option from the drop down selector he is redirected via JavaScript to the AutoLogin script on the domain he chose. Here is the code for AutoLogin:
<%@ Page Language="C#" AutoEventWireup="true" %>
<%@ Import Namespace="Sitecore" %>
<%@ Import Namespace="Sitecore.Data" %>
<%@ Import Namespace="Sitecore.Data.Items" %>
<%@ Import Namespace="Sitecore.Data.Fields" %>
<%@ Import Namespace="Sitecore.Globalization" %>
<%@ Import Namespace="Sitecore.Configuration" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head id="Head1" runat="server">
<title>Auto Login</title>
<script runat="server" type="text/C#">
protected void Page_Load(object sender, EventArgs e)
{
var user=HttpContext.Current.Server.UrlDecode(Request["user"]);
Sitecore.Web.Authentication.DomainAccessGuard.Kick(Session.SessionID);
if (Sitecore.Security.Authentication.AuthenticationManager.Login(user))
{
Response.Redirect("/sitecore/shell/applications/webedit.aspx");
}
else
{
Response.Write("Invalid username.");
}
}
</script>
</head>
<body>
<form id="form1" runat="server">
<div>
Auto login in Page Editor
</div>
</form>
</body>
</html>
The AutoLogin script kicks the user from the session and tries logging him inside the new domain. This seems sound in theory but it doesn't seem to work in practice. For some reason, after kicking the user (and before logging back in) the Sitecore.Context.User.Name variable is still set to the username that was logged in before the Kick command was called.