Re: Single Sign On / Authentication System?

"Spam Catcher" <spamhoneypot@xxxxxxxxxx> wrote in message news:Xns9846C2E0186BFusenethoneypotrogers@xxxxxxxxxxxx
Hi all,

I'm looking to implement a single sign on solution for .NET applications.
This single sign on solution will need to work against a variety of back-
end databases (i.e. SQL (mainly), Active Directory (some), Custom Data
Sources (XML, MDB, Custom Web Service, etc.)).

Is there any sample code on implementing a simple single sign on service?

The app would need:

-Log in Users from the web, desktop clients, custom applications, etc.
-Have granular permissions
-Be compatible with other web services, desktop apps, and remoting
(basically any sort of client/server)
-Have the ability to add trusted sites (i.e. servers, viewer consoles,
etc)
-Work with .NET 1.1 (most of our apps are still 1.1)

I was thinking of doing the following:

1. Build a security web service
2. Users would log into a web service to retrieve a token
3. Once a token is retrieved, it is used for all future communications
4. Applications check security against the security service via the Token
i.e.: CheckPermission(ByVal Token as GUID, ByVal Permission as String) as
Boolean
5. The Web Service would manage a list of valid tokens (time outs,
errors, etc)

Encryption would be done primarily on the transport layer - but the token
could be encrypted too.

What do you guys think about this solution? It's simple... However, how
do you handle "trusted" sources?

Even better would be for me to find something that was prebuilt :-)



Would ADAM work?

Windows Server 2003 Active Directory Application Mode
http://www.microsoft.com/windowsserver2003/adam/default.mspx

David
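
Steps 2 to 5 of the design proposed in the question, as an added example that is not part of the original thread and is not code from either poster. Only the `CheckPermission` signature comes from the post; `TokenService`, `IssueToken`, `Revoke`, the 20-minute sliding timeout and the in-memory `Hashtable` are assumptions, and credential checking against the back end is left outside the class. The token is 128 bits from the system CSPRNG wrapped in a `Guid`, because `Guid.NewGuid()` is designed for uniqueness, not unpredictability.

```vb
Imports System
Imports System.Collections
Imports System.Security.Cryptography

' Added example: in-memory stand-in for the proposed security service.
' Uses only types available in .NET 1.1 (no generics).
Public Class TokenService
    Private Class Session
        Public Expires As DateTime
        Public Permissions As ArrayList
    End Class

    Private ReadOnly sessions As New Hashtable()                      ' Guid -> Session
    Private ReadOnly timeout As TimeSpan = TimeSpan.FromMinutes(20)   ' assumed value
    Private ReadOnly rng As New RNGCryptoServiceProvider()

    ' Steps 2-3: call only after the user's credentials have been verified
    ' against the back end (SQL, AD, ...); that check is out of scope here.
    Public Function IssueToken(ByVal granted As String()) As Guid
        Dim raw(15) As Byte                ' 16 bytes = 128 bits
        rng.GetBytes(raw)                  ' CSPRNG output instead of Guid.NewGuid()
        Dim token As New Guid(raw)
        Dim s As New Session()
        s.Expires = DateTime.UtcNow.Add(timeout)
        s.Permissions = New ArrayList(granted)
        SyncLock sessions.SyncRoot
            sessions(token) = s
        End SyncLock
        Return token
    End Function

    ' Step 4: the signature from the post. Unknown or expired tokens get False.
    Public Function CheckPermission(ByVal Token As Guid, ByVal Permission As String) As Boolean
        SyncLock sessions.SyncRoot
            Dim s As Session = DirectCast(sessions(Token), Session)
            If s Is Nothing Then Return False
            If s.Expires <= DateTime.UtcNow Then
                sessions.Remove(Token)     ' step 5: drop timed-out tokens
                Return False
            End If
            s.Expires = DateTime.UtcNow.Add(timeout)   ' sliding timeout
            Return s.Permissions.Contains(Permission)  ' exact, case-sensitive match
        End SyncLock
    End Function

    ' Step 5: explicit logout, or invalidation after an error.
    Public Sub Revoke(ByVal Token As Guid)
        SyncLock sessions.SyncRoot
            sessions.Remove(Token)
        End SyncLock
    End Sub
End Class
```

Because the token is a bearer credential, every call that carries it needs the transport-layer encryption the post mentions.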
