Dave Burke : Freelance .NET Web Developer specializing in Online Communities

Single Sign-On Quest Begins

I’m on a Single Sign-On quest.  I won’t be happy with my working knowledge of Community Server until I can integrate Community Server Authentication with other methods first hand.  Some other quest will surely follow when this one's done, but for now my latenight geek hours are commited to the goal of setting up three Community Server 2.0 sites with Single Sign-On using Windows Authentication, ASP.NET Forms, and Custom Cookie authentication.

The docs on the Single Sign-On CS Add-ons are actually very good.  If they are read at face value, a lot of the confusion in implementing SSO can be eliminated.  Looking at the first statement on the general description page, for instance, it says,

"Community Server single sign-on modules enable you to integrate Community Server with any authentication system employed by your current site."

That's the simple trick to making Single Sign-On work and explaining what it does: it integrates CS authentication with an existing site authentication model.

The quest began this afternoon.  My http://cscookies, http://csforms and http://cswindows sites are created and ready to go.  The parent http://cscookies cookie management code is written and ready to install CS in an application subdirectory.   ASP.NET forms setup at http://csforms will be next, maybe yet tonight.  Windows authentication in http://cswindows is strictly an IIS configuration issue, so nothing to do in the parent application for it.

Here's a screenshot of the cookies root, where the Custom Cookies Security authentication will be managed to pass various accounts to the CS application by way of the shared cookie.  The ASP.NET Forms authenticating parent at http://csforms will have similarly simplistic logic to test passing various accounts to the CS application.




I'll chronicle the quest as I go.  For now I'll make sure the parent authentication is in place for Cookies and Forms and then we'll look at the process of installing CS in application folders and melding the authentication with the parent apps in perfect harmony.

And enlightenment followed him.

[tags: Community Server]

Comments (6) | Post RSS RSS comment feed

Posted on 6/15/2006 7:48:00 PM by Dave Burke
Categories: Community Server
Tags:

Related posts

Comments (6) -

6/16/2006 2:21:00 PM Permalink

Bet ya can't make it work with DNN? Smile

The Wizard |

6/16/2006 2:24:44 PM Permalink

Wizard, No, but I have contacts who can... Smile

Thanks for the challenge!  But that's not on the list.  Besides, it's a pure Custom Cookie Play anyway.

daveburke |

6/16/2006 3:10:04 PM Permalink

I am just teasing anyway DNN yuck! ;-p

The Wizard |

6/16/2006 6:27:22 PM Permalink

Hi Dave,
I was actually curious how you implemented all those host names.  I assume you don't have a house full of spare servers.  Smile
Are you just doing tricks with your lmhosts file?

Todd |

6/16/2006 8:14:44 PM Permalink

Hey, Todd!  Not a house full, just an office full.  Four of them.  Two running Windows 2003 Server and two Windows 2000 Server.  DNS services running on my PDC with Active Directory, so I can setup IIS sites in a jiffy by adding a DNS host and static IP.  But it's strictly a working network.  I don't have anything fun installed on my network, and my daughter's PC is more powerful than anything I've got.  But yeah, I can create IIS sites like a crazy man!  

daveburke |

10/11/2006 7:35:20 AM Permalink


Soory for the duplicate, this time with my web site!!

I wanted to do something like this using plain old asp.net. ( so that I can learn)
I have a.aspx and b.aspx.
a.aspx in one domein and b.aspx in another.
If I have code for b.aspx I can use querystring and response.Redirect to pass parameters from a.aspx to b.aspx.

But what if I DON'T have code for b.aspx then how do I pass user name and password from a.aapx to b.aspx and automatically filland press "OK" button ( or whatever button is mentioned on the page ).
What I am trying to do is automatically enter user name and password in b.aspx and click button so that the user of a.aspx don't have to enter his credentials again. ( Like Single sign on )

As I said before if I have code for b.aspx I could do it but what if I don't have code for b.aspx?
Any pointers ,

Shant Kane |


Powered by BlogEngine.NET 2.0.0.36
Theme by Dave Burke