Hey all,
Is it possible that I can somehow transfer an authenticated user
(stored in session) between 2 web applications with some measure of
security? Essentially if a user has logged into application A, I want
to somewhat integrate pages from application B, but the user will need
to be authenticated to application B. In application B, the user will
need to be stored in session also.
Configuring web servers and so on is not much of an option here. I need
an in code solution.
Perhaps application B can have some sort of ASPX that deals with
requests for authenticating a user. Application A could pass username
and password to App B via this page as a POST and then app B will store
user in session. Then app A can call pages from app B wherever they
like. The only thing I would need to manage is if the session on App B
has expired, and if so, to re-authenticate as necessary. This was only
my first "guess" at a possible solution and am open to any suggestions.
Cheers,
Steven