开发者

How to authenticate sub-domains with same credentials

NET 2.0 Domain ie..xyz.com and 2 subdomains 1.xyz.com and 2.xyz.com - all three use the same dbase security via SQL but are writt开发者_C百科en in as separate applications C# and VB.

How can I easily manage the login credentials across sites since the authentication will need to occur separately in each web app, I would like to make it seamless.. Can I store in cookies and have login.asxp check the cookies.. surely but I need guidance in how to write this...Craig


Since you're considering using cookies, I'll assume what you're asking is how to implement Single Sign On (SSO) for your web application users. They log into one site and have access to multiple sites in the same domain without having to re-type their password.

There are probably many ways to do this, and I doubt you would ever come up with a single way that any group of IT security people would agree is secure. IT security sort of works that way for some reason.

Anyhow, you might look at how Kerberos [http://en.wikipedia.org/wiki/Kerberos_(protocol) ] performs authentication. It can be a bit complicated to get set up properly, but it would allow you to "kerberize" your applications and provide single sign-on. This has some issues though in that the web client can't be entirely trusted to not allow the user's password to be disclosed. This might be a risk you're willing to accept depending on the importance of the data.

There are probably some Open ID solutions that might work too, but I'm not all too familiar with the protocol in particular. A lot of businesses would have a problem with their users visiting a third party side to establish credentials, so that might be out. Based on the URL authentication, you may have to end up reverse-proxying all your sites to make it so that users don't have to set up authentication to each application at least once.

Hope it helps.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜