This is a mirror of official site: http://jasper-net.blogspot.com/

Single Sign On (SSO) for cross-domain Asp.net applications, Part-I - The design blue print

Monday, September 6, 2010
Introduction

"Yet another Monday morning at your office. You have just started to wonder how fast the weekend passed, and how hard the days are going to be this week. You've got mail! Oh no, not a lucrative job offer. It's just another requirement from your new client. Your client has a number of Asp.net sites, and all he wants is to enable his users to log onto all sites just by logging into a single site. And, obviously, to log out of all sites by logging out from a single site.

OK, so your client wants a "Single Sign On" implementation. You think, oh, it's not that hard. Asp.net forms authentication is the solution. It allows the same cookie to be shared across sites under the same domain when they use the same key configuration in the <machineKey> element. A quick Google search gives you some pretty fine examples of Single Sign On implementations using <machineKey> in Asp.net applications. OK, so life as a programmer is not that hard after all.

Hold on. Something just caught your eye. The requirement says, "your client has a number of sites, but they are not necessarily under the same domain". You missed this important point, and the very first day at your office has just started to look harder. It's not easy to implement Single Sign On for sites under different domains, for the very fundamental reason that a cookie of a particular domain cannot be shared with another domain. And who doesn't know that it's the cookie that is used to maintain authentication information across different page requests?"

I just depicted a scenario that is pretty common these days. This is the era of web 2.0 and social networking, as they say. Standalone, "island"-like systems are very rare these days. You post a tweet on Twitter and update your status at LinkedIn and Facebook at the same time without doing anything else. You write an article on CodeProject and share it on hundreds of sites within seconds. So, it's pretty natural that you would expect to log onto a site and jump to another related one without having to log in again, no matter what domain these sites are deployed under.

So I thought, how about developing something that makes it easy to implement Single Sign On (for Asp.net sites, of course) across cross-domain sites? People may have tried to implement this in many different ways, and commercial solutions are also available for purchase. But what if I try to develop something which is simple, free and, most importantly, which works?
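The cookie-scoping rule behind the scenario above, as an added example that is not part of the original article: it follows the domain-matching rule of RFC 6265 (section 5.1.3) to show which sites would receive a forms-authentication cookie and which host may set one for a given domain. The function names and hostnames are constructed for illustration, and the browser's public-suffix check is omitted.

```javascript
// Added illustration; hostnames are constructed sample values.

// Crude IP-literal check: domain matching by suffix applies to host names only.
function isIpAddress(host) {
  return /^\d{1,3}(\.\d{1,3}){3}$/.test(host) || host.includes(":");
}

// RFC 6265 section 5.1.3: a host matches a cookie domain if the two are
// identical, or if the host ends with "." + domain and is not an IP address.
function domainMatches(requestHost, cookieDomain) {
  const host = requestHost.toLowerCase();
  const domain = cookieDomain.toLowerCase().replace(/^\./, ""); // leading dot is ignored
  if (host === domain) return true;
  if (isIpAddress(host)) return false;
  return host.endsWith("." + domain); // the "." boundary stops "notexample.com"
}

// A browser ignores a Set-Cookie whose Domain attribute the responding host
// does not itself match, so one site cannot plant a cookie for another domain.
function canSetCookie(settingHost, cookieDomain) {
  return domainMatches(settingHost, cookieDomain);
}

// Which of the client's sites would be sent a cookie scoped to cookieDomain.
function sitesReceivingCookie(cookieDomain, siteHosts) {
  return siteHosts.filter((h) => domainMatches(h, cookieDomain));
}

// Constructed set of sites: two share a parent domain, two do not.
const sites = ["www.example.com", "shop.example.com", "www.example.org", "notexample.com"];

console.log(sitesReceivingCookie("example.com", sites)); // same-domain sites only
console.log(canSetCookie("www.example.com", "example.org")); // cross-domain: rejected
```

The shared-key <machineKey> approach only helps the first two sites: the other two never receive the cookie, however the keys are configured.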

How Authentication works in Asp.net?

Well, this may not be something new to you. But while we try to solve the hardest problems on earth, we often need to go back to the basics to understand how things really work. So, it wouldn't be bad to revisit the ABCs of the Asp.net Forms authentication mechanism.

Read more: Codeproject
