Single Signon Implementation in ASP.NET ( Different Domains with two different applications )

we have a production site like www.Domain1.com, and developing a new web application www.domain2.com, and would like to implement single sign on.

I am looking for solution pretty much like how google works like login to gmail, in gmail navigate to other google apps or we can open new window and we can use picasa or other google apps with out login.

I have found an interesting solution, where we wi开发者_运维知识库ll be developing a dedicated Authentication site like www.sso.com.

http://www.codeproject.com/KB/aspnet/CrossDomainSSOExample.aspx

we use webfarm environment, site 1 and site 2 will be deployed in webfarm environment, but when we deploy www.sso.com in webfarm , this solution will not work.

I am sure google might have implemented www.sso.com service in webfarm environment. i am trying to understand and implement the same.

Experts i kindly request your help in this direction , any information which helps me.

AFAIK, after Google authenticates user with main auth site/service, it issues a set of redirects to auth. end-points to all main domains with one-time secret key in URL, so each end-point on each domain sets auth. cookies for given user.

E.g. user signs in at http://sso.com/login, then he is redirected to

http://domain1.com/auth?secret=12345
http://domain2.com/auth?secret=12345
...
http://domainX.com/auth?secret=12345

And each domain sets an auth cookie to the browser.

Correct me if I'm wrong.