Solved

How do i Set up a "SINGLE-SIGN-ON SERVER" to share credentials for mulitple asp.net applications

Posted on 2007-12-01
6
390 Views
Last Modified: 2008-02-01
I need to share login credntials for applications accross domains that do not have a common ancestor, e.g.

http://secrets.com/
http://mysteries.com/

There is no way to set a cookie that is included in requests to both these domains.

In this case we need a third server, the SSO server, whose purpose is to keep track of who is logged in. When you visit a page on secrets.com, if its cookie is not set, it consults the SSO server to find if the user is already logged in, in which case it silently creates the cookie and carries on as if they had already been logged in.

Can anyone reommend a way to do this via .net - or if there are any open source solutions to do this ?
0
Comment
Question by:paulCardiff
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 51

Accepted Solution

by:
Ted Bouskill earned 250 total points
ID: 20388919
Developers are allowed to build websites using the 'Live ID' (formerly passport) service.  http://dev.live.com/liveid/

I don't know of any open source projects.  This type of technology is complex to build properly if security is an issue.  Making it open source exposes weaknesses.
0
 

Author Comment

by:paulCardiff
ID: 20388932
Is this free for commerical use and can i programatically create accounts for my clients?
0
 
LVL 2

Expert Comment

by:yossi_intlock
ID: 20389215
try this (i assume that you are working with .net v 2.0 and using forms authentication): when the user sign in to one application on a domain - encrypt the auth cookie youself - you can do it by overriding the OnAuthenticate .net method.  now when the user moves to the second domain try to read this cookie by its domain name. if you  got that cookie you can decrypt it and find out the logon credencials.  you can do that by adding a global.asax file to both applications. use the Session_Start() method for reading and decrypt the auth cookie.
i havent tested this yet but i think this might work for you.  
0
Will You Be GDPR Compliant by 5/28/2018?

GDPR? That's a regulation for the European Union. But, if you collect data from customers or employees within the EU, then you need to know about GDPR and make sure your organization is compliant by May 2018. Check out our preparation checklist to make sure you're on track today!

 
LVL 2

Assisted Solution

by:yossi_intlock
yossi_intlock earned 250 total points
ID: 20389319
i realize now that you cannot read a cookie that belong to A domain from B domain... :) but - you can still check the referer on Session_Start() in the global.asax file and if the referrer was A domain you can call a webservice on that A domain that can get those credentials for the A domain cookie and authenticate the user.
0
 
LVL 2

Expert Comment

by:yossi_intlock
ID: 20392308
im glad that i could help. if the solution worked for you or you found another way please tell us so we can enrich our knowledge. thanks..
0
 

Author Comment

by:paulCardiff
ID: 20392641
Sure please review the following link for more info i.e. http://forums.asp.net/t/1005856.aspx 
0

Featured Post

Enroll in May's Course of the Month

May’s Course of the Month is now available! Experts Exchange’s Premium Members and Team Accounts have access to a complimentary course each month as part of their membership—an extra way to increase training and boost professional development.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Transferring data across the virtual world became simpler but protecting it is becoming a real security challenge.  How to approach cyber security  in today's business world!
The article shows the basic steps of integrating an HTML theme template into an ASP.NET MVC project
Use Wufoo, an online form creation tool, to make powerful forms. Learn how to choose which pages of your form are visible to your users based on their inputs. The page rules feature provides you with an opportunity to create if:then statements for y…
Learn how to set-up PayPal payment integration in your Wufoo form. Allow your users to remit payment through PayPal upon completion of your online form. This is helpful for collecting membership payments, customer payments, donations, and more.

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question