Single sign on between ASP.NET and Delphi ISAPI application
Question
I need to develop a "single sign on" authentication between three ASP.NET applications and one Delphi ISAPI application.
Participants of scenario:
- UI asp.net application - it does make calls to the WS application
- BI asp.net application
- WS isapi module which contains soap services written in Delphi. (can talk with LDAP)
Additional info/constraints:
- WS application can talk with LDAP but that could be modified/extended.
- WS application performs (or not) business logic basing on a user identity.
- ADAM is a must (?) because there's a need of separate user container for every application instance (some kind of multi-tenant solution).
- Forms authentication is highly demanded.
My current idea is to use AD or ADAM as a user container. Use a form authentication and share a membership provider (http://msdn.microsoft.com/en-us/library/eb0zx8fc.aspx) between ASP.NET applications. Impersonate both ASP.NET applications (http://stackoverflow.com/questions/1066275/impersonate-using-forms-authentication) and then call a WS from UI application.
However, I don't know how to pass (and recive) the user identity (credentials?) on the side of WS module. Could that be handled by IIS somehow (and ADAM?) Probably they will use a HTTP digest or basic authentication. I'd be thankful for any information and advices how to make this work.
1 answers
solution1
0 2012-11-16 16:34:10
However, I don't know how to pass (and recive) the user identity (credentials?) no the side of WS module.
According to http://www.mombu.com/microsoft/microsoft/t-iis-60-single-sign-on-isapi-filter-14103802-last.html there is an AuthFilter example with source code in the Platform SDK.
This solution seems to be built around authentification Cookies , which can be passed between IIS servers.
If this Single Sign On example can be applied to your ISAPI application, it should be possible to pass the authentification Cookies from ASP.NET to the ISAPI side too.
(I am not an expert in this area, this suggestions is based on the first research results found in the web.)
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.