Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > ASP .Net Security > 2 sites - 1 authentication method

Reply
Thread Tools

2 sites - 1 authentication method

 
 
Chris
Guest
Posts: n/a
 
      04-20-2004
We have developed two sites that both use forms authentication and have objects with custom principle interfaces and identity interfaces. I would like to use the same principals for both sites and load behind the scenes

I have tried the following scenario
1) Create a web service that automtically takes the credentials, loads the custom principal, and redirects the user in the new site. This of course...has a few drawbacks

Is there a better method or best practices for doing this?....such as setting a cookie on one site....then overriding the page object to allways look for it and load the principal on each page. It seems that this might be a better way to maintain credentials between the two applications

any thoughts would be greatly appreciated
Chris
 
Reply With Quote
 
 
 
 
Joe Kaplan \(MVP - ADSI\)
Guest
Posts: n/a
 
      04-21-2004
Cookies are very commonly used in Single Sign On technologies, so there is
no reason why this couldn't work for you. You could use a standard
HttpModule on both sites that would add the cookie for newly authenticated
users and read the cookie for returning users. You'd probably want to
encrypt it so that it could not be tampered with.

Joe K.

"Chris" <(E-Mail Removed)> wrote in message
news(E-Mail Removed)...
> We have developed two sites that both use forms authentication and have

objects with custom principle interfaces and identity interfaces. I would
like to use the same principals for both sites and load behind the scenes.
>
> I have tried the following scenario:
> 1) Create a web service that automtically takes the credentials, loads

the custom principal, and redirects the user in the new site. This of
course...has a few drawbacks.
>
> Is there a better method or best practices for doing this?....such as

setting a cookie on one site....then overriding the page object to allways
look for it and load the principal on each page. It seems that this might
be a better way to maintain credentials between the two applications?
>
> any thoughts would be greatly appreciated,
> Chris



 
Reply With Quote
 
 
 
 
Sandy MacLean
Guest
Posts: n/a
 
      05-11-2004
I can recommend the book "Professional ASP.NET Security" from the Wrox
Programmer to Programmer series.

I haven't tried it myself yet (just about to), but basically this indicates
that you can use the machine.config file to pre-set a hash value set to
allow sharing of credentials between applications (using forms
authentication) on the same server, or between different serers within a web
farm.

ISBN: 1-86100-620-9
Price US$49.99.

Hope that helps

-Alec

"Chris" <(E-Mail Removed)> wrote in message
news(E-Mail Removed)...
> We have developed two sites that both use forms authentication and have

objects with custom principle interfaces and identity interfaces. I would
like to use the same principals for both sites and load behind the scenes.
>
> I have tried the following scenario:
> 1) Create a web service that automtically takes the credentials, loads

the custom principal, and redirects the user in the new site. This of
course...has a few drawbacks.
>
> Is there a better method or best practices for doing this?....such as

setting a cookie on one site....then overriding the page object to allways
look for it and load the principal on each page. It seems that this might
be a better way to maintain credentials between the two applications?
>
> any thoughts would be greatly appreciated,
> Chris



 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
2 sites or not 2 sites Yitzak ASP .Net 5 03-10-2009 11:05 AM
using python to visit web sites and print the web sites image to files imx Python 10 03-14-2007 02:19 PM
Sites about web-sites ? Jasbird HTML 1 09-28-2006 06:21 PM
How do prevent sites to be loaded in other sites frames? Stefan Caliandro HTML 2 02-14-2005 06:05 PM
ISO: Web sites for images (pay sites preferred) Kevin Buchan ASP .Net 1 02-20-2004 09:34 AM



Advertisments