Solved

How do i Set up a "SINGLE-SIGN-ON SERVER" to share credentials for mulitple asp.net applications

Posted on 2007-12-01
6
388 Views
Last Modified: 2008-02-01
I need to share login credntials for applications accross domains that do not have a common ancestor, e.g.

http://secrets.com/
http://mysteries.com/

There is no way to set a cookie that is included in requests to both these domains.

In this case we need a third server, the SSO server, whose purpose is to keep track of who is logged in. When you visit a page on secrets.com, if its cookie is not set, it consults the SSO server to find if the user is already logged in, in which case it silently creates the cookie and carries on as if they had already been logged in.

Can anyone reommend a way to do this via .net - or if there are any open source solutions to do this ?
0
Comment
Question by:paulCardiff
  • 3
  • 2
6 Comments
 
LVL 51

Accepted Solution

by:
Ted Bouskill earned 250 total points
ID: 20388919
Developers are allowed to build websites using the 'Live ID' (formerly passport) service.  http://dev.live.com/liveid/

I don't know of any open source projects.  This type of technology is complex to build properly if security is an issue.  Making it open source exposes weaknesses.
0
 

Author Comment

by:paulCardiff
ID: 20388932
Is this free for commerical use and can i programatically create accounts for my clients?
0
 
LVL 2

Expert Comment

by:yossi_intlock
ID: 20389215
try this (i assume that you are working with .net v 2.0 and using forms authentication): when the user sign in to one application on a domain - encrypt the auth cookie youself - you can do it by overriding the OnAuthenticate .net method.  now when the user moves to the second domain try to read this cookie by its domain name. if you  got that cookie you can decrypt it and find out the logon credencials.  you can do that by adding a global.asax file to both applications. use the Session_Start() method for reading and decrypt the auth cookie.
i havent tested this yet but i think this might work for you.  
0
Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

 
LVL 2

Assisted Solution

by:yossi_intlock
yossi_intlock earned 250 total points
ID: 20389319
i realize now that you cannot read a cookie that belong to A domain from B domain... :) but - you can still check the referer on Session_Start() in the global.asax file and if the referrer was A domain you can call a webservice on that A domain that can get those credentials for the A domain cookie and authenticate the user.
0
 
LVL 2

Expert Comment

by:yossi_intlock
ID: 20392308
im glad that i could help. if the solution worked for you or you found another way please tell us so we can enrich our knowledge. thanks..
0
 

Author Comment

by:paulCardiff
ID: 20392641
Sure please review the following link for more info i.e. http://forums.asp.net/t/1005856.aspx 
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Using in-flight Wi-Fi when you travel? Business travelers beware! In-flight Wi-Fi networks could rip the door right off your digital privacy portal. That’s no joke either, as it might also provide a convenient entrance for bad threat actors.
It was really hard time for me to get the understanding of Delegates in C#. I went through many websites and articles but I found them very clumsy. After going through those sites, I noted down the points in a easy way so here I am sharing that unde…
This video teaches users how to migrate an existing Wordpress website to a new domain.
Wufoo.com provides powerful tools for surveying targeted groups, and utilizing data from completed surveys to find trends, discover areas of demand or customer expectation, and make business decisions on products or services.

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question