Reputation: 11
I've been tasked with implementing SSO across a number of our sites and have a number of questions regarding best practice, etc.
The main .NET site has an existing user table with thousands of registered users which should be able to log in to a number of other 'sister' websites, some of which might be built using PHP. From looking at the examples, it seems this would be the OpenIdWebRingSsoProvider and the other sites would implement the OpenIdWebRingSsoRelyingParty code. Is this correct?
One other question I have is: if a user logs in to the main site using Facebook, for example, then decides to log in to one of the sister sites using Google, how would the system know this should be the same user? I'm a bit confused about this aspect of the system.
Upvotes: 1
Views: 279
Reputation: 3070
Usually you create your own user base where a user might have a few social accounts linked to your local user.
That means a user who signed in using a social account should be linked to a local account, either by confirming the local account by supplying local credentials or by creating a local account if he does not have one. Once the user is logged in, having a local account too, he might explicitly link his local account to other social accounts.
I understand that sounds like a bit of overhead, but it is a common pattern.
Upvotes: 1
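The linking pattern described in the answer above, as an added example that is not code from either poster: a local `users` table plus an `external_logins` table keyed on provider and subject, where a link is created only after the local password is confirmed. Table, column and function names are assumptions, the identities are constructed sample values, and the provider is assumed to have already verified each (provider, subject) pair.

```python
import hashlib, hmac, os, sqlite3

# Assumed schema: one local user, many external identities.
# The (provider, subject) primary key means one external identity maps to exactly one local user.
SCHEMA = """
CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT UNIQUE, salt BLOB, pw BLOB);
CREATE TABLE external_logins (
    provider TEXT NOT NULL, subject TEXT NOT NULL,
    user_id INTEGER NOT NULL REFERENCES users(id),
    PRIMARY KEY (provider, subject));
"""

def _hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)

def open_db():
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    return db

def create_local_user(db, name, password):
    salt = os.urandom(16)
    cur = db.execute("INSERT INTO users (name, salt, pw) VALUES (?, ?, ?)",
                     (name, salt, _hash(password, salt)))
    return cur.lastrowid

def check_local_credentials(db, name, password):
    row = db.execute("SELECT id, salt, pw FROM users WHERE name = ?", (name,)).fetchone()
    if row and hmac.compare_digest(row[2], _hash(password, row[1])):
        return row[0]
    return None

def resolve_external(db, provider, subject):
    """Return the local user id for a verified external identity, or None if unlinked."""
    row = db.execute("SELECT user_id FROM external_logins WHERE provider = ? AND subject = ?",
                     (provider, subject)).fetchone()
    return row[0] if row else None

def link_external(db, provider, subject, name, password):
    """Link only after the user proves ownership of the local account."""
    user_id = check_local_credentials(db, name, password)
    if user_id is None:
        raise PermissionError("local credentials required to link")
    db.execute("INSERT INTO external_logins VALUES (?, ?, ?)", (provider, subject, user_id))
    return user_id
```

Once both identities are linked, a Facebook sign-in on the main site and a Google sign-in on a sister site resolve to the same local user id, which is what the relying sites should key their sessions on.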