One Portal (Access 4 active websites from one NEW login page). Single Sign on?

Question

User1291657044 posted

Ok, here is a project I am working on. I have 4 websites that are active and independent for 4 of our divisions. The goal is to create a new Portal laying on the top of all these 4 sites and upon the user logging into the portal and selects a division, the system should enable the user to log into individual sites without requiring a second set of user credential. How would you approach this project? I tried Single Sign On (SSO) and it didn't seem to do the job. Any suggestions out there? The active websites are written in vb.net and Microsoft's out of the box login mechanism is what's used for logging in.

Answer 1

User614698185 posted

Hi eyobzeleke,

Welcome to ASP.NET Forums!

Single sign-on is relatively easy to achieve within a subdomain or second-level domain. ASP.NET Forms Authentication is a ticket based system where the ticket is stored encrypted in a cookie. What you must achieve is to enable your web apps to share a this cookie.

For a subdomain scenario (e.g. mysite.com/app1, mysite.com/app2), just set the encryption/decryption keys to be the same in machinekey setting in web.config files.

For a second-level domain scenario (e.g. app1.mysite.com, app2.mysite.com), in addition to the above, you need to make some code change to force all authentication cookies to use the same top level domain (e.g. mysite.com).

Best Regards,

Candice Zhou

Answer 2

User1291657044 posted

Thanks for your prompt response Candice! What about for a scenario where I am hosting 4 different sites in IIS with different IP Addresses (app1.mysite1.com, app2.mysite2.com....)? Currently I have different machine and decryption keys for each. Would Single Sign On still work in this scenario? Also worth to mention here that I don't want all the 4 sites to be accessed at the same time from one login. What I want is that a division would be selected by the user on the portal site and based on that one of the sites would be accessed respectively. For example, the user logs into the portal and there will be a page that would allow the user to select which division to access and upon selecting that division, the respective site would be accessed. If the user wants to access another site with a different division, there will change the divisionID per se and log in respectively.

Answer 3

User614698185 posted

Hi eyobzeleke,

What about for a scenario where I am hosting 4 different sites in IIS with different IP Addresses

You issue is related to IIS, please post your question to IIS Forums:

https://forums.iis.net/

Best Regards,

Candice Zhou

Answer 4

User1291657044 posted

Hi Candice, the 4 sites I am referring to are already hosted in IIS and are active. Have been active with no issues for years. My question is how can I make SSO work in this type of scenario where I would add one top layer login mechanism and access the 4? Is this still a question for IIS Forums?

Answer 5

User614698185 posted

Hi eyobzeleke,

You could refer to the following tutorials to learn Single Sign On (SSO) for cross-domain ASP.NET applications:

http://www.codeproject.com/Articles/114484/Single-Sign-On-SSO-for-cross-domain-ASP-NET-appl

http://www.codeproject.com/Articles/106439/Single-Sign-On-SSO-for-cross-domain-ASP-NET-applic

http://aspalliance.com/1513_Cross_Site_Authentication_and_Data_Transfer.all

Best Regards,

Candice Zhou

Answer 6

User1291657044 posted

Thanks Candice!

Answer 7

User1291657044 posted

Hey Candice, apart from using SSO, how could I login to a site (SITE B) from a code in another site (Site A)? Searching on google gave me code examples for WebClient although it didn't seem to do exactly what I wanted it to do. I could pull up and display the login page for SITE B from code in Site A but the login authentication didn't work. Do you have any other suggestions? Or actually a working code that lets me login to another site from code in site A ... other than SSO?

Oh and by the way, the login credentials for site B are accessible in Site A.