Ask a Question related to ASP.NET Security, Design and Development.
-
michaelr #1
SSO advice
We are looking to implement Single Sign On (SSO) for our intranet and other
internal applications.
Our plan is to have an ASP.NET “portal page” which will examine the
WindowsIndentity of the IIS-authenticated user, and present links for the
applications that the user has authorization.
In order to minimize custom programming efforts, we would like to leverage
built in Windows functionality for authorization and authentication as much
as possible for both the portal and downstream components and applications.
Our research has led us to the conclusion that using Windows Integrated
Authentication on IIS is the most effective way to authenticate the user. For
application authorization, we may use Active Directory Application Mode
(ADAM) or a custom SQL database.
However, it would be desirable to force the user to enter their credentials
upon initial logon, rather than automatically picking up the network logon.
We are concerned that Basic authentication (with HTTPS) may present
difficulties if our applications are spread across several machines.
Anyone have experience/advice on this?
michaelr Guest
-
Advice
Hello All, I am looking for advice on the purchase of a digital camera. I will be using it primarily for personal photos, and to e-mail shots... -
Help and Advice
Hi, I have a dynamic menu in my Intranet application that loads from a database. What I would like to do is to make parent nodes visible based on... -
some advice please
Hallo, I have to make a web application in Javascript/ASP for tenniscourt reservation (based on Access database). I would like to do everything... -
A bit of advice!
Hi guys, im kinda new to this forum stuff, and i was wondering if anyone could help me out. I'm using 3d Studio Max 5 and Director MX for a... -
Need advice
Hi I am in the process of "beautifying" a web site based on PHP + XTemplate. I wish to include a fixed left navigation bar on almost all the pages.... -
Daniel Fisher\(lennybacon\) #2 Re: SSO advice
If the Apps all run in a Domain or same machine just turn off anonymous
access in IIS.
--
Daniel Fisher(lennybacon)
MCP C# ASP.NET
Blog: [url]http://www.lennybacon.com/[/url]
"michaelr" <michaelr@discussions.microsoft.com> wrote in message
news:341C7177-49C7-4D73-BDDF-5B1367402574@microsoft.com...> We are looking to implement Single Sign On (SSO) for our intranet and
> other
> internal applications.
>
> Our plan is to have an ASP.NET "portal page" which will examine the
> WindowsIndentity of the IIS-authenticated user, and present links for the
> applications that the user has authorization.
>
> In order to minimize custom programming efforts, we would like to leverage
> built in Windows functionality for authorization and authentication as
> much
> as possible for both the portal and downstream components and
> applications.
>
> Our research has led us to the conclusion that using Windows Integrated
> Authentication on IIS is the most effective way to authenticate the user.
> For
> application authorization, we may use Active Directory Application Mode
> (ADAM) or a custom SQL database.
>
> However, it would be desirable to force the user to enter their
> credentials
> upon initial logon, rather than automatically picking up the network
> logon.
> We are concerned that Basic authentication (with HTTPS) may present
> difficulties if our applications are spread across several machines.
>
> Anyone have experience/advice on this?
>
Daniel Fisher\(lennybacon\) Guest
Reply With QuoteSimilar Questions and Discussions
Posting Permissions
- You may not post new threads
- You may post replies
- You may not post attachments
- You may not edit your posts
