开发者

Passive STS to allow single sign-on for Silverlight app and a Classic ASP web site

Currently I am working on a LOB Silverlight application. Eventually, I need to implement a single sign-on for the new app and an old Classic ASP w开发者_运维技巧eb app. Right now, the Silverlight App is secured using Forms Authentication through a custom Membership Provider.

Reading online, I've come to think that Passive Federated Security is what I need. But, I am struggling with following questions:

1) What is a relatively painless way to set up STS. I don't really want to spend a lot of time setting this up. I've take a look at WIF - it seems to require some platform changes so that really is not an ideal solution [Even though it seems relatively easy to set up]

2) How do I integrate Classic ASP app to use the STS? - Currently it is validating against a custom userStore and putting the authentication/authorization info in the session.

3) Eventually, users will be accessing both apps through a third-party portal that authenticates them outside of our organization. So, somehow the portal would need to be able to issue Security Tokens [SAML??] that the STS will understand.

I am currently focusing on 1 and 2. If anyone has even a slightest insight into this, that would be greatly appreciated.

Thanks, Ravi


The latest Identity Training Kit contains a full lab that demonstrates SL + claims identity.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜