Enable/ Create SSO (Single Sign On) in Asp.Net MVC applications

Question

I want to implement/enable SSO (Single Sign On) on my Asp.Net MVC applications.

Please consider the points below below for your kind suggestions:

• I have 3 Asp.Net MVC applications where I want to enable SSO for them.

• I know I can achieve SSO by ADFS (Active directory Federation Services), but I don't want to use it as I want my external users (end-users) to login in all my 3 applications via SSO.

• (Correct me If I wrong here because as far as I know, ADFS can be used for Active Directory users (meaning company-wide internal users) and not for external end-users. If we can use ADFS for external users, please do let me know how we should achieve it.

• I also don't want to use OpenID.

• I want to build SSO own for these 3 applications and want to enable SSO between them.

• I want to build SSO that can be used in production environment for these 3 applications.

Could you please give me your suggestions on it about how would I achieve SSO by considering all above points?

Thanks in advance and all suggestions are welcome!

Answer 1

Are your applications in the same domain? If so, can you use Forms Authentication Across Applications?

Answer 2

The suggestion would be to use the IdentityServer (http://thinktecture.github.com/Thinktecture.IdentityServer.v2/), a replacement for ADFS, which uses the same authentication protocol (WS-Federation) but allows you to plugin your custom membership provider.

In addition, the IdentityServer supports some features ADFS lacks and is quite extensible.