It's going to snow, I found my notes from 2 years ago. Not an exact fit, but might point you in the right direction or give an idea. My specific need was to share authentication across virtual directories running different ASP.NET applications on the same web server.
Beyond the changes to web.config I know there was some code required to pass the ticket and then read it in the accepting app. I will post it if this turns out to be at all relevant or helpful to you, which it may not since you are talking Sharepoint, which I dont use.
Notes:
Make sure that you explicitly define the “validationKey” and “decryptionKey” attributes in the <machineKey /> section of your applications’ web.config files. By default, these are configured to AutoGenerate/IsolateApps – which will end up generating separate unique keys in each application (which means that the decryption algorithm will not be able to convert a forms-authentication ticket issued from one application in another). By having them all share the same key value, the applications and encrypt/decrypt/validate cookie values can be read by each other.
If you need a single logon to work across multiple applications located in separate virtual directories, you need to share a common authentication ticket. To configure a common authentication ticket, you must manually generate validationKey and decryptionKey values and ensure that each application shares these values.
If you want to share tickets across all applications on your server you can set these manual values on the <machineKey> element in the machine level Web.config file. To share tickets across specific applications, you can use a <machineKey> element with common validationKey and decryptionKey values in the relevant application's Web.config files.
I found a machine key generator we used
a. Generator - http://www.eggheadcafe.com/articles/GenerateMachineKey/GenerateMachineKey.aspx
b. Code - http://www.eggheadcafe.com/articles/20030514.zip
2) I had to change the “cookieless” property of the “forms” tag in web.config to “UseCookies”, the default for ASP.NET 2.0 and above is cookieless.
Keith Chisarik