Re: Single sign-on between web & desktop



Can you use integrated windows authentication for this? That is by far the
easiest thing to do.

Joe K.

--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
http://www.directoryprogramming.net
--
"buu" <buunguyen@xxxxxxxxx> wrote in message
news:cdd93564-be68-4d07-b2d9-8b452aaa001b@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Hi everyone,

We're developing an application which include both web-based (ASP.NET)
and desktop (WinForms) applications. User credentials come from a
Windows domain. We want to enable single sign-on between these
applications. Two expected usage scenarios are as follows:

1.
- User login to web app using his/her Windows domain account
- There is a link in a web page for the user to launch the desktop
component
- The desktop app (already installed in user's workstation) is
launched
- User can access to privileged information without having to logging
in again

2.
- Continue from 1
- User clicks on a link or something to launch back the web
application
- The web site is opened in the browser
- User can access to privileged information without having to logging
in again.

One way we can think of is to have the web & desktop apps communicate
the a security token (which is issued to map with a specific domain
account after the user logs in) via cookie. However, this is really a
hack and we wonder if there's any pattern that addresses this need.

Thanks in advance!

Regards,
Buu


.