Single Sign-On with Forms Authentication

Discussion in 'ASP .Net Security' started by Gabriel Giraldo, May 25, 2005.

  1. Hello,

    I'm trying to integrate the security (authentication) of several web
    applications on my enterprise (we do not have active directory implemented
    yet).

    I would like to implement a Passport-like authentication system, but based
    on Forms Authentication: a system where users authenticate once and access
    all of our ASP .NET web applications without needing to provide passwords
    again.

    Is there any way to accomplish this with Forms Authentication? As far as I
    have tested, each ASP .NET Application configured with Forms Authentication
    handles its own authentication cookie. Is there any way to unify this
    authentication cookie between applications?

    Thanks for your help.
     
    Gabriel Giraldo, May 25, 2005
    #1
    1. Advertising

  2. Hello Gabriel,

    yes, this is possible

    make sure the following attributes of you forms auth config are the same
    for all apps

    - machineKey
    - cookie name
    - cookie path

    read more here:
    http://weblogs.asp.net/hernandl/archive/2004/06/09/ssoformsauth.aspx

    ---------------------------------------
    Dominick Baier - DevelopMentor
    http://www.leastprivilege.com

    > Hello,
    >
    > I'm trying to integrate the security (authentication) of several web
    > applications on my enterprise (we do not have active directory
    > implemented yet).
    >
    > I would like to implement a Passport-like authentication system, but
    > based on Forms Authentication: a system where users authenticate once
    > and access all of our ASP .NET web applications without needing to
    > provide passwords again.
    >
    > Is there any way to accomplish this with Forms Authentication? As far
    > as I have tested, each ASP .NET Application configured with Forms
    > Authentication handles its own authentication cookie. Is there any way
    > to unify this authentication cookie between applications?
    >
    > Thanks for your help.
    >
     
    Dominick Baier [DevelopMentor], May 26, 2005
    #2
    1. Advertising

  3. Thanks a lot. Just what I need!

    "Dominick Baier [DevelopMentor]" wrote:

    > Hello Gabriel,
    >
    > yes, this is possible
    >
    > make sure the following attributes of you forms auth config are the same
    > for all apps
    >
    > - machineKey
    > - cookie name
    > - cookie path
    >
    > read more here:
    > http://weblogs.asp.net/hernandl/archive/2004/06/09/ssoformsauth.aspx
    >
    > ---------------------------------------
    > Dominick Baier - DevelopMentor
    > http://www.leastprivilege.com
    >
    > > Hello,
    > >
    > > I'm trying to integrate the security (authentication) of several web
    > > applications on my enterprise (we do not have active directory
    > > implemented yet).
    > >
    > > I would like to implement a Passport-like authentication system, but
    > > based on Forms Authentication: a system where users authenticate once
    > > and access all of our ASP .NET web applications without needing to
    > > provide passwords again.
    > >
    > > Is there any way to accomplish this with Forms Authentication? As far
    > > as I have tested, each ASP .NET Application configured with Forms
    > > Authentication handles its own authentication cookie. Is there any way
    > > to unify this authentication cookie between applications?
    > >
    > > Thanks for your help.
    > >

    >
    >
    >
    >
     
    Gabriel Giraldo, May 26, 2005
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. LouB
    Replies:
    0
    Views:
    332
  2. jct

    Forms Authentication - Single Sign-On

    jct, Jan 18, 2005, in forum: ASP .Net Security
    Replies:
    0
    Views:
    168
  3. Dave Slinn

    Transfer authentication token - how to single sign-on

    Dave Slinn, Nov 13, 2005, in forum: ASP .Net Security
    Replies:
    10
    Views:
    544
    [MSFT]
    Nov 23, 2005
  4. SP
    Replies:
    7
    Views:
    240
    Joe Kaplan
    Feb 14, 2007
  5. bthumber

    CAC authentication Single Sign-on

    bthumber, Apr 23, 2009, in forum: ASP .Net Security
    Replies:
    2
    Views:
    764
    bthumber
    Apr 24, 2009
Loading...

Share This Page