Larry Page
What started off as a request for a Single Sign On solution has grown to the
point where I need to make some long term design decisions and I'm hoping to
get some input on how others are handling the same issues. I've spent the
last two years moving applications to an intranet web portal, which morphed
into an Internet portal, and now is providing extranet data feeds via web
services. The latest twist came when users began to question why they had
to use a separate logon to access the Internet site our Marketing department
created independently to fill a perceived need for eye candy. This issue
was addressed by creating a web service that the Marketing site could use to
'pass through' logon credentials back to Active Directory.

Sorry about the long history lesson! The current issue is, as users bounce
from system to system they are prompted to log on to each server. What they
want is to log on once and use every resource. I've determined I have no
recourse but to abandon integrated authentication and use forms based. The
question I'm posing is, which of the dozen different solutions I've read
about is going to provide the best fit for our scenario. All of our web and
SQL servers are Windows OS and the external Internet site is also built on
dot net. I've set up an out of process state server, but don't have the
option of bringing the external site into the domain. What I'd like to do
is build a centralized server that would handle all security requests
regardless of source. The only way I can think of to do this would require some
sort of token passing between systems, but I've found few practical
examples, and no case histories.

This is too large of a project to take a gamble on. Has anyone faced and
conquered a similar situation that could point me in the right direction?
Thanks in advance,
Larry
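
The token passing between a central logon server and a site outside the domain that the post describes, as an added sketch that is not part of the original post: the central server signs a short-lived, per-site token with HMAC-SHA256, and the site checks it without contacting Active Directory. The site names, key values and function names are assumptions made for illustration, and the hand-off is assumed to travel over TLS.

```python
import base64
import hashlib
import hmac
import json
import time

# Constructed demo keys (assumption): one random secret per relying site,
# known only to the central server and that site.
SITE_KEYS = {
    "marketing-site": b"constructed-demo-key-1",
    "intranet-portal": b"constructed-demo-key-2",
}

def _b64(data):
    return base64.urlsafe_b64encode(data).decode()

def issue_token(user, audience, now=None, ttl=60):
    """Central server: call only after it has verified the logon itself."""
    now = int(time.time()) if now is None else now
    claims = {"sub": user, "aud": audience, "exp": now + ttl}
    body = json.dumps(claims, sort_keys=True).encode()
    tag = hmac.new(SITE_KEYS[audience], body, hashlib.sha256).digest()
    return _b64(body) + "." + _b64(tag)

def verify_token(token, audience, key, now=None):
    """Relying site: return the user name, or None if the token is rejected."""
    now = int(time.time()) if now is None else now
    try:
        body_b64, tag_b64 = token.split(".")
        body = base64.urlsafe_b64decode(body_b64)
        tag = base64.urlsafe_b64decode(tag_b64)
    except ValueError:  # wrong shape or bad base64
        return None
    expected = hmac.new(key, body, hashlib.sha256).digest()
    # Constant-time comparison; parse the claims only after the MAC checks out.
    if not hmac.compare_digest(tag, expected):
        return None
    claims = json.loads(body)
    # Reject tokens minted for another site and tokens past their expiry.
    if claims.get("aud") != audience or claims.get("exp", 0) <= now:
        return None
    return claims.get("sub")

if __name__ == "__main__":
    t = issue_token("alice", "marketing-site")
    print(verify_token(t, "marketing-site", SITE_KEYS["marketing-site"]))
```

A token stays replayable until it expires, so a relying site that needs single-use hand-offs also has to remember the tokens it has already accepted within the lifetime window.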