dotnet web services: We have a web app that is shared by several clients, and currently uses forms
authentication.

Two newer clients would like to use SSO, so that their users don't see the
logon page.

They both use 3rd party products to handle SSO with their other vendors.

One uses Kerberos tickets. The other uses SAML 1.0 tokens.

Is it possible to setup a WebSSO / ADFS solution that can handle both types

=?Utf-8?B?QW5kcmV3IEhheWVz?= <AndrewHayes@discussions.microsoft.com>
wrote in news:4EE463CE-7BC8-4226-AA01-859A1252A2FF@microsoft.com:

[quoted text, click to view]

This is the wrong group, you should try posting into the ASP.NET group
instead to get help.

Nevertheless, SSO is a tricky issue, and even more so when you have to
support multiple products. Most products install an agent software into
the web server to intercept authentication and authorization requests.
How you integrate into each product is slightly different. In the case
of Sun One, if your ASP.NET pages are hit, you can consider yourself
authenticated. The agent software also injects HTTP headers to inform
you of user specific information.

So what are your requirements exactly and what would you like to do?


--