The behaviour I would like is for a user to be able to visit a custom-built website and, if they are already authenticated against SharePoint, for the custom website to know who they are and give them various rights. If they are not recognised by SharePoint, then I would like them to log in to SharePoint and be directed back to the custom website.

SharePoint picks its users and groups up from Active Directory. I don't know much about the internals of the server, but the custom one will be in a separate domain (I think), though I have full control over the custom and moderate control over the SP infrastructure.

A hint at how to progress would be great!

+1  A: 

As you rightly said, SharePoint can be configured to use Active Directory for Authentication and User Management. So AD and SharePoint are 2 different things and you are just linking them. You can develop your custom ASP.NET application to use AD for Authentication.

Using SharePoint groups in your custom application is difficult. (You will have to develop your own service which will check the logged-in user and see if he is present in the SharePoint group.)

Another option is to use a Custom ASP.NET membership provider and use this in your SharePoint application. This way you can use the same ASP.NET membership provider for your ASP.NET application.

Check out Configuring Single Sign on for SharePoint. Could give you some ideas.

Shoban
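
The first suggestion in the answer, an ASP.NET application authenticating against the same Active Directory that SharePoint uses, written out as a `web.config`; this is an added example, not part of the original answer. The LDAP host, domain components, cookie name and `Login.aspx` page are placeholders, and the assembly version assumes .NET Framework 4.x.

```xml
<?xml version="1.0"?>
<configuration>
  <connectionStrings>
    <!-- Placeholder directory path: point this at the AD domain SharePoint reads its users from -->
    <add name="ADConnectionString"
         connectionString="LDAP://dc.example.com/DC=example,DC=com" />
  </connectionStrings>
  <system.web>
    <!-- Forms authentication: unauthenticated users are sent to the login page,
         then returned to the URL they originally requested (ReturnUrl) -->
    <authentication mode="Forms">
      <forms name=".CustomSiteAuth"
             loginUrl="~/Login.aspx"
             protection="All"
             requireSSL="true"
             slidingExpiration="false"
             timeout="30" />
    </authentication>
    <authorization>
      <!-- Deny anonymous users everywhere; open individual paths with <location> if needed -->
      <deny users="?" />
    </authorization>
    <membership defaultProvider="ADMembershipProvider">
      <providers>
        <clear />
        <!-- connectionProtection="Secure" makes the provider refuse an unprotected
             LDAP bind, so credentials are not sent to the directory in clear text.
             If the web server is in a different domain from the directory, the
             provider also needs a low-privilege service account supplied through
             connectionUsername / connectionPassword (omitted here; keep them out
             of source control and encrypt the config section). -->
        <add name="ADMembershipProvider"
             type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
             connectionStringName="ADConnectionString"
             connectionProtection="Secure"
             attributeMapUsername="sAMAccountName" />
      </providers>
    </membership>
  </system.web>
</configuration>
```

This gives the custom site the same usernames and passwords as SharePoint, but not a shared session: a user already signed in to SharePoint still signs in once to the custom site unless both sit behind a common single sign-on mechanism.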