Reputation: 23841
Is federation a valid approach for cross-domain SSO In case all the RPs and the STS are developed internally?
I need to implement Single Sign On feature for several internal web applications which are not deployed on the same domain.
Is federation a good solution in my case? Or it is only used if I want to federate the authentication to an external IdP.
I mean I want to create a custom WIF STS and make all the applications claims-aware RPs.
I'm thinking of it because I don't want to use custom solutions or third party libraries. WIF seems to have a straightforward solution integrated with .Net Framework.
Is my suggestion correct? Or this is an incorrect use for WIF.
Upvotes: 1
Views: 234
Answers (1)
Reputation: 46700
Yes - a solution with WIF / STS will work even if it's only internal.
Beware of security if you roll your own.
You may want to look at ADFS or IdentityServer.
Going this route will make your life a lot easier.
Upvotes: 2
Related Questions
- Do I need a federated Identity Server for SSO if I'm a small service provider application?
- Single Sign On across multiple systems including third party systems
- Can we implement SSO federation in ADFS using multiple relying parties?
- WS Federation: Is SSO apart of the WS Federation specification?
- ADFS 2.0 IDP-Initiated SSO
- How to integrate STS with third party Single Signe On (SSO) in mvc web application
- Advice on SSO solution for cross platform and domain sites
- Single Sign On (SSO) Scenario - Please Provide Guidance
- Implementing SSO using Passive Federated Identity and login page on relying party
- web application in different sso federations