Solved

What options exist for Single Sign-On and ASP.NET 4.0?

Posted on 2011-03-04
5
374 Views
Last Modified: 2012-05-11
I have an MVC3 and Dynamic Data website that need a single sign on.

1) Can I use Windows Authentication? If so, how?
2) I am not too interested in using MS Passport
3) What other methods exist?
4) What kind of home grown solutions might there be?

Thanks,
newbieweb
0
Comment
Question by:newbieweb
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 

Author Comment

by:newbieweb
ID: 35039926
5) Shared memory?
0
 

Author Comment

by:newbieweb
ID: 35040172
6) Shared Cookies?
0
 
LVL 33

Assisted Solution

by:Todd Gerbert
Todd Gerbert earned 500 total points
ID: 35041375
1) Yes, but there are some caveats so it may not make sense in your environment.  It's probably most useful in a corporate intranet environment, where all web sites, users and computers are in the same domain (or forrest).  If all the client computers are using Internet Explorer, and the option to logon automatically for the applicable zone (or enforced with Group Policy), then you can use the WindowsTokenRoleProvider along with the built-in ASP.Net authentication and authorization mechanisms (http://msdn.microsoft.com/en-us/library/system.web.security.windowstokenroleprovider.aspx, http://msdn.microsoft.com/en-us/library/ff647401.aspx).  This achieves the effect of SSO since an interactive login is never seen, users are sliently logged into websites with whatever credentials they used to log onto their workstation.  I'm relatively certain that any browser other than IE won't behave this way.

2) Okie doke.

3) This article outlines a good alternative: http://aspalliance.com/1513_Cross_Site_Authentication_and_Data_Transfer.all

4) I'm not sure, but it may be possible for more than one site to use the SqlRoleProvider and share the same backing database.  When going from site 1 to site 2, you can pass a base64/Url-encoded encrypted string containing the user's name & password as a QueryString parameter which the landing page in site 2 can retrieve and use to attempt to login.  Or put the encrypted string in a <input type="hidden"> field on a form in site 1 that posts back to the landing page in site 2 (so the user won't see it on the URL).

6) I'm not sure how or if that would work - I was under the impression that sites are only able to retrieve their own cookies, which would present a problem for cross-site authentication.  I'm a little foggy on those details though, so I better leave that for someone else more knowledgeable on the topic to elaborate.
0
 
LVL 33

Accepted Solution

by:
Todd Gerbert earned 500 total points
ID: 35041483
Another option: Forms Authentication Across Applications, http://msdn.microsoft.com/en-us/library/eb0zx8fc.aspx
0
 

Author Closing Comment

by:newbieweb
ID: 35056613
Forms Authentication Across Applications seems just right. Thanks :)
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Validating textboxes in red square borders. 2 34
linq .concat equivalent with expression syntax 4 25
locate sql commands in C# visual studio Project 6 44
C# LINQ 5 26
Problem Hi all,    While many today have fast Internet connection, there are many still who do not, or are connecting through devices with a slower connect, so light web pages and fast load times are still popular.    If your ASP.NET page …
More often than not, we developers are confronted with a need: a need to make some kind of magic happen via code. Whether it is for a client, for the boss, or for our own personal projects, the need must be satisfied. Most of the time, the Framework…
In a recent question (https://www.experts-exchange.com/questions/29004105/Run-AutoHotkey-script-directly-from-Notepad.html) here at Experts Exchange, a member asked how to run an AutoHotkey script (.AHK) directly from Notepad++ (aka NPP). This video…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question