Solved

What options exist for Single Sign-On and ASP.NET 4.0?

Posted on 2011-03-04
5
330 Views
Last Modified: 2012-05-11
I have an MVC3 and Dynamic Data website that need a single sign on.

1) Can I use Windows Authentication? If so, how?
2) I am not too interested in using MS Passport
3) What other methods exist?
4) What kind of home grown solutions might there be?

Thanks,
newbieweb
0
Comment
Question by:newbieweb
  • 3
  • 2
5 Comments
 

Author Comment

by:newbieweb
Comment Utility
5) Shared memory?
0
 

Author Comment

by:newbieweb
Comment Utility
6) Shared Cookies?
0
 
LVL 33

Assisted Solution

by:Todd Gerbert
Todd Gerbert earned 500 total points
Comment Utility
1) Yes, but there are some caveats so it may not make sense in your environment.  It's probably most useful in a corporate intranet environment, where all web sites, users and computers are in the same domain (or forrest).  If all the client computers are using Internet Explorer, and the option to logon automatically for the applicable zone (or enforced with Group Policy), then you can use the WindowsTokenRoleProvider along with the built-in ASP.Net authentication and authorization mechanisms (http://msdn.microsoft.com/en-us/library/system.web.security.windowstokenroleprovider.aspx, http://msdn.microsoft.com/en-us/library/ff647401.aspx).  This achieves the effect of SSO since an interactive login is never seen, users are sliently logged into websites with whatever credentials they used to log onto their workstation.  I'm relatively certain that any browser other than IE won't behave this way.

2) Okie doke.

3) This article outlines a good alternative: http://aspalliance.com/1513_Cross_Site_Authentication_and_Data_Transfer.all

4) I'm not sure, but it may be possible for more than one site to use the SqlRoleProvider and share the same backing database.  When going from site 1 to site 2, you can pass a base64/Url-encoded encrypted string containing the user's name & password as a QueryString parameter which the landing page in site 2 can retrieve and use to attempt to login.  Or put the encrypted string in a <input type="hidden"> field on a form in site 1 that posts back to the landing page in site 2 (so the user won't see it on the URL).

6) I'm not sure how or if that would work - I was under the impression that sites are only able to retrieve their own cookies, which would present a problem for cross-site authentication.  I'm a little foggy on those details though, so I better leave that for someone else more knowledgeable on the topic to elaborate.
0
 
LVL 33

Accepted Solution

by:
Todd Gerbert earned 500 total points
Comment Utility
Another option: Forms Authentication Across Applications, http://msdn.microsoft.com/en-us/library/eb0zx8fc.aspx
0
 

Author Closing Comment

by:newbieweb
Comment Utility
Forms Authentication Across Applications seems just right. Thanks :)
0

Featured Post

How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

Join & Write a Comment

Just a quick little trick I learned recently.  Now that I'm using jQuery with abandon in my asp.net applications, I have grown tired of the following syntax:      (CODE) I suppose it just offends my sense of decency to put inline VBScript on a…
This article is for Object-Oriented Programming (OOP) beginners. An Interface contains declarations of events, indexers, methods and/or properties. Any class which implements the Interface should provide the concrete implementation for each Inter…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now