By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
435,056 Members | 1,320 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 435,056 IT Pros & Developers. It's quick & easy.

Single Sign On / Authentication System?

P: n/a
Hi all,

I'm looking to implement a single sign on solution for .NET applications.
This single sign on solution will need to work against a variety of back-
end databases (i.e. SQL (mainly), Active Directory (some), Custom Data
Sources (XML, MDB, Custom Web Service, etc).

Is there any sample code on implementing a simple single sign on service?

The app would need:

-Log in Users from the web, desktop clients, custom applications, etc.
-Have granular permissions
-Be compatible with other web services, desktop apps, and remoting
(basically any sort of client/server)
-Have the ability to add trusted sites (i.e. servers, viewer consoles,
etc)
-Work with .NET 1.1 (most of our apps are still 1.1)

I was thinking of doing the following:

1. Build a security web service
2. Users would log into a web service to retrieve a token
3. Once a token is retrieve, it is used for all future communications
4. Applications check security against the security service via the Token
i.e.: CheckPermission(ByVal Token as GUID, ByVal Permission as String) as
Boolean
5. The Web Service would manage a list of valid tokens (time outs,
errors, etc)

Ecryption would be done primarily on the transport layer - but the token
could be encrypted too.

What do you guys think about this solution? It's simple... However, how
do you handled "trusted" sources?

Even better would be for me to find something that was prebuilt :-)


Sep 22 '06 #1
Share this question for a faster answer!
Share on Google+

This discussion thread is closed

Replies have been disabled for this discussion.