Re: SSO



Unfortunately, integrated Windows authentication is not designed to work that way, so there isn't a really clean way to accomplish that.

Forms authentication typically supports things like idle timeout, but with it you lose the SSO experience.

--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
http://www.directoryprogramming.net
"AM" <AM@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message news:7C5F5C06-7A2C-4D84-875E-A1F7945B8799@xxxxxxxxxxxxxxxx
Hi All,
I know this question has been posted many times in this group and I did went
through and implemented the solution in my ASP.Net 2.0 Internet facing
application

I am using
IIS for integrated authentication
and ASP.NET for Windows authentication (<authentication mode="Windows" />)
as Dominick Suggested.
It works as expected, I sign into one app and I can go to my app2 and I am
already logged in

My Apps are set as follow
www.mydomain.com/app1
www.mydomain.com/app2
www.mydomain.com/app3

I am able to navigate to all 3 apps, back and forth without any issue.
The problem is my data is very sensitive, I want to make sure that once
users session times out after 15 minutes of inactivity the authentication
should be timed out too, meaning after 15 minutes of inactivity all my
session are cleared and I want user to be asked to re-login after sesson
expires.

In this case even after one hour of inactivity user can click on menu and it
will not ask him to relogin.
Is there any setting at AD level that I can set?

I am open for any other suggestion which does not require any form of cookies.

Thanks
AM


.



Relevant Pages

  • Re: Windows Integrated and the domain name
    ... Both NTLM and Kerberos authentication require the full realm and username - that's unfortunately the way both of those two protocols work. ... for a direct integrated windows authentication ... Microsoft Online Community Support ...
    (microsoft.public.inetserver.iis.security)
  • Re: Diff behavior for "Integrated windows authentication" in IIS6
    ... IIS6 Integrated Windows Authentication works just like IIS5. ... that user account to execute the request". ... execute requests on the server. ...
    (microsoft.public.inetserver.iis.security)
  • Re: Using IIS w/ASP .NET 2.0 Web Application Projects
    ... If you select Windows Integrated Authentication, anonymous users won't be able to login. ... ASP.NET has a *separate* authentication configuration which IIS doesn't interfere with. ... Integrated Windows Authentication overrides the Anonymous authentication default. ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: Using IIS w/ASP .NET 2.0 Web Application Projects
    ... if you enable Windows Integrated Authentication, ... See my previous post for more details regarding use of Windows Authentication with ASP.NET. ... at least within non-ASP.NET IIS applications. ... Integrated Windows Authentication overrides the Anonymous authentication default. ...
    (microsoft.public.dotnet.framework.aspnet)
  • RE: Integrated Windows Authentication
    ... NTLM authentication, both of which are represented by Windows Integrated. ... to the resource is not a member of the same domain as the web server. ... |>Subject: Integrated Windows Authentication ...
    (microsoft.public.inetserver.iis.security)