tags:

views:

19

answers:

1
Q: 

authentication integration issue

Hello everyone,

I am using SharePoint 2007 Enterprise + Publishing portal template + Windows Server 2008. I am developing using VSTS 2008 + C# + .Net 3.5. I need to implement SSO (Single Sign On feature) with another site. The SSO protocol is like this,

  1. The other site will send me information like http://mysitename/default.aspx?Identity=abc or like http://mysitename/default.aspx (mysitename is the site which I am developing);
  2. If the value Identity variable is null, it means anonymous user. And if the Identity value is not null (means an authenticated user), I will using a WCF interface to find user information (e.g. user name and email address) from the Identity variable;
  3. The actual user name, user profile (e.g. email address) and password are maintained by the other site;
  4. My site will manage roles by myself (i.e. the other site and my site only shares user credential authentication function to implement SSO, role management are performed individually in two sites).

Any ideas how to integrate such SSO feature?

thanks in advance, George

+1  A: 

The first thing you need to do is to find a way to verify that your application was called from a trusted site. This means that the username must be encrypted before sending it. So both sites could share private key used to encrypt and decrypt sensitive information.

  1. SiteA encrypts username using a key and sends it to SiteB (your site)
  2. SiteB decrypts username using same key and retrieves user profile.
Darin Dimitrov  2009-11-21 09:33:24
Sorry Darin, I am not using the key encryption approach as you mentioned. The other site has self-inveted approach to generate random string which identifies authenticated user (i.e. the "Identity" variable as I mentioned in my original question. And the destination site can read from a WCF service to check whether such random "Identity" string is valid).Actually, my question is not how to make authentication integration secure, but how to utlizes the existing authentication protocol which the other site is using in SharePoint site to make SSO effect. Any solutions?
George2  2009-11-21 14:14:00

related questions

Displaying Flash content in a C# WinForms application
How to get the value of built, encoded ViewState?
Unhandled Exception Handler in .NET 1.1
How do I connect to a database and loop over a recordset in C#?
How do I most elegantly express left join with aggregate SQL as LINQ query
Get a new object instance from a Type in C#
.NET Testing Framework Advice
Automatically update version number
What is the difference between an int and an Integer in Java/C#?
How to write to Web.Config in Medium Trust ?
WinForms ComboBox data binding gotcha
How do you sort a C# dictionary by value?
Adding Scripting functionality to .NET applications
Floating Point Number parsing: Is there a Catch All algorithm?
How do I print an HTML document from a web service?
Decoding T-SQL CAST in C#/VB.net
Anatomy of a "Memory Leak"
How do I get a distinct, ordered list of names from a DataTable using Linq
Reliable Timer in a Console Application
How do I fill a DataSet or a DataTable from a LINQ query resultset ?
What's the difference between Math.Floor() and Math.Truncate() in .NET?
How do I calculate relative time?
How do I calculate someone's age in C#?
Are there any conversion tools for porting Visual J# code to C#?
When setting a form's opacity should I use a decimal or double?