Single Sign-on & Sharing User Credentials between CSLA and WSS

Single Sign-on & Sharing User Credentials between CSLA and WSS

Old forum URL: forums.lhotka.net/forums/t/4401.aspx


vdhant posted on Saturday, February 23, 2008

Hi guys
Just wondering if anyone has any ideas on how to pass User Credentials between CSLA and WSS (does the fact that CSLA uses IPrincipal and HttpContext.Current.User help at all)?

Also, this may have already been discussed but i have multiple websites that will be using CSLA each on a different domain and app pool and i was just wondering if anyone has any ideas about the Single Sign-on story that is available with CSLA and .net in general (again does the fact that CSLA uses IPrincipal and HttpContext.Current.User help at all)? Note, I am looking for an answer that doesn’t involve using windows authentication.

Thanks
Anthony

cliffordru replied on Monday, February 25, 2008

Anthony,

In the past I have set up SSO between multiple ASP.NET web sites (running on the same server) that are using forms based authentication in conjunction with both the default membership provider and a custom membership provider (as outlined in Rocky's book), using the custom Principle and Identity objects. 

To get this to work, you need to add a <machineKey> section with its value inside the <system.web> element in your web.config and use the same value for all of the sites you want to set up with SSO. 

<machineKey       
validationKey="thekeyvale......" 
decryptionKey="thekeyvalue....."       
validation="SHA1"/>

You should encrypts this section of your config file.

Then you will want to use the same membership provider for the sites as well as the same login page.  To use a login page not part of the local site use:

<forms loginUrl=http://localhost/SomeApp/Login.asp  name=".SomeName"/>

I have not tried but you may be able to extend this to an ASP.NET and WSS scenario.  Hope that helps.

Cliff
http://www.graytechnology.com/blog/

Copyright (c) Marimer LLC