SSO advice

Discussion in 'ASP .Net Security' started by michaelr, Oct 11, 2004.

  1. michaelr

    michaelr Guest

    We are looking to implement Single Sign On (SSO) for our intranet and other
    internal applications.

    Our plan is to have an ASP.NET “portal page†which will examine the
    WindowsIndentity of the IIS-authenticated user, and present links for the
    applications that the user has authorization.

    In order to minimize custom programming efforts, we would like to leverage
    built in Windows functionality for authorization and authentication as much
    as possible for both the portal and downstream components and applications.

    Our research has led us to the conclusion that using Windows Integrated
    Authentication on IIS is the most effective way to authenticate the user. For
    application authorization, we may use Active Directory Application Mode
    (ADAM) or a custom SQL database.

    However, it would be desirable to force the user to enter their credentials
    upon initial logon, rather than automatically picking up the network logon.
    We are concerned that Basic authentication (with HTTPS) may present
    difficulties if our applications are spread across several machines.

    Anyone have experience/advice on this?
    michaelr, Oct 11, 2004
    #1
    1. Advertising

  2. If the Apps all run in a Domain or same machine just turn off anonymous
    access in IIS.

    --
    Daniel Fisher(lennybacon)
    MCP C# ASP.NET
    Blog: http://www.lennybacon.com/



    "michaelr" <> wrote in message
    news:...
    > We are looking to implement Single Sign On (SSO) for our intranet and
    > other
    > internal applications.
    >
    > Our plan is to have an ASP.NET "portal page" which will examine the
    > WindowsIndentity of the IIS-authenticated user, and present links for the
    > applications that the user has authorization.
    >
    > In order to minimize custom programming efforts, we would like to leverage
    > built in Windows functionality for authorization and authentication as
    > much
    > as possible for both the portal and downstream components and
    > applications.
    >
    > Our research has led us to the conclusion that using Windows Integrated
    > Authentication on IIS is the most effective way to authenticate the user.
    > For
    > application authorization, we may use Active Directory Application Mode
    > (ADAM) or a custom SQL database.
    >
    > However, it would be desirable to force the user to enter their
    > credentials
    > upon initial logon, rather than automatically picking up the network
    > logon.
    > We are concerned that Basic authentication (with HTTPS) may present
    > difficulties if our applications are spread across several machines.
    >
    > Anyone have experience/advice on this?
    >
    Daniel Fisher\(lennybacon\), Oct 12, 2004
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. CV
    Replies:
    1
    Views:
    630
    bruce barker
    Oct 6, 2004
  2. daniel
    Replies:
    3
    Views:
    626
    Scott Allen
    Feb 2, 2005
  3. Lucas Tam

    Java SSO - Is this a standard?

    Lucas Tam, Mar 10, 2005, in forum: ASP .Net
    Replies:
    1
    Views:
    453
    Joerg Jooss
    Mar 10, 2005
  4. =?Utf-8?B?QVZM?=

    sso

    =?Utf-8?B?QVZM?=, Apr 4, 2005, in forum: ASP .Net
    Replies:
    0
    Views:
    571
    =?Utf-8?B?QVZM?=
    Apr 4, 2005
  5. Rick Z

    SSO in WebApplication, Help

    Rick Z, Sep 25, 2004, in forum: Java
    Replies:
    1
    Views:
    372
    Oscar kind
    Sep 26, 2004
Loading...

Share This Page