Reputation: 26877
We are looking into a solution for this problem:
We host an ASP.NET web app externally on a dedicated web server which is on its own domain. We have a client who uses the web app exclusively and wants SSO using their Windows credentials to automatically authenticate into the web application without having to log on. This client has users on 3 different domains across the world, so some users might be on a UK domain, others on a USA domain, etc.
So far, I'm looking at a couple of options:
1) A custom LDAP membership provider that somehow can authenticate against these external AD sources. Not sure if this is possible yet...
2) CAS (http://www.jasig.org/cas) to create a central auth service that can hook into the AD sources. Not sure if it's going to be possible to hook CAS up to multiple AD sources.
Does anyone have any thoughts or similar experiences that they can share for achieving this?
Thanks
Upvotes: 2
Views: 1735
Reputation: 31
It is possible to hook up CAS to multiple AD sources. We have something similar set up now for our external portal. External customers are stored in a custom user table, while internal users are in 1 of several AD domains. We had to write a custom authenticator that could do the appropriate lookup (table versus one of several domains), but it was fairly simple to write.
Upvotes: 2
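The lookup the answer above describes (user table versus one of several AD domains), as an added sketch that is not the poster's code or part of CAS. The `RealmRouter` class, the realm names and the backend callables are hypothetical, and each AD backend is assumed to be an LDAPS bind against that one domain. It goes beyond the post in picking the backend from an explicit realm in the login instead of trying each source in turn, so same-named accounts in two domains cannot be confused and one bad password does not count as a failed logon in every domain.

```python
import hashlib
import hmac
import os


class RealmRouter:
    """Routes a login to exactly one backend chosen by its explicit realm."""

    def __init__(self, backends, default_realm):
        # backends: realm name -> callable(user, password) -> bool (hypothetical)
        self.backends = {k.lower(): v for k, v in backends.items()}
        self.default_realm = default_realm.lower()

    def split(self, login):
        """Accept 'REALM\\user' or 'user@realm'; bare names use the default realm."""
        if "\\" in login:
            realm, user = login.split("\\", 1)
        elif "@" in login:
            user, realm = login.rsplit("@", 1)
        else:
            realm, user = self.default_realm, login
        return realm.lower(), user

    def authenticate(self, login, password):
        realm, user = self.split(login)
        backend = self.backends.get(realm)
        # Unknown realm, empty name or empty password: fail closed. An empty
        # password can turn an LDAP simple bind into an unauthenticated bind
        # that the directory reports as successful.
        if backend is None or not user or not password:
            return None
        return (realm, user) if backend(user, password) else None


def make_row(password):
    """Build a (salt, PBKDF2-SHA256 hash) row for the custom user table."""
    salt = os.urandom(16)
    return salt, hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


def table_backend(rows):
    """Backend for the custom user table: rows maps user -> (salt, hash)."""
    def check(user, password):
        # Hash even for unknown users so response time does not reveal them.
        salt, stored = rows.get(user, (b"\0" * 16, b"\0" * 32))
        got = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)
        return hmac.compare_digest(got, stored) and user in rows
    return check
```
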
Reputation: 4815
I've no experience with it but I think Active Directory Federation Services (ADFS) is designed for this sort of thing.
Upvotes: 1