perhaps a web service or use of something like passport...
"MarcoG" <nospam@nospam.com> wrote in message news:45e2e750$0$4794$4fafbaef@reader4.news.tin.it...
> Hi,
>
> I have an online application (written in .asp) that requires a login to be
> accessed and used. I have a login.asp page that asks for username and
> password, looks up in a MS SQL db if a combination of those
> username/password is available and, if so, sets a session variable and goes
> to home.asp (this page checks if the session variable has been set, and if
> not, redirects to login.asp). That's the usual method in .asp to make
> password-protected pages. This way, the SQL database contains all usernames
> and passwords.
>
> Now I have a company that wants to use my application (hosted on my server)
> but does not want their users to make a double login, I mean one login to
> their network and one login to my application. They want a way so that my
> application recognizes their users and logins automatically; in a few words,
> their users should be allowed to go directly to home.asp without first
> stepping to login.asp.
>
> They are using a Windows network, so I looked into using Active Directory
> (LDAP) integration in .asp pages but:
>
> 1) Can you tell me a source where I can find simple integration information?
> I found a lot of information, but nothing is very simple
>
> 2) Since my application is hosted on my server (on-line and outside their
> network), I don't think I'll be able to use AD integration, because I think
> they should be in the same domain
>
> So, my final question is: how would you approach such a problem? Googling on
> the net I also found this page
>
http://www.google.com/a/help/intl/en/admins/editions.html where Google
> offers a single sign-on to their application via API. I think they don't use
> AD integration, but they achieve exactly what I need (a single sign-on). So,
> how can Google do such a thing? What approach are they using? I can develop
> a login API for my application too.
>
> Thank you.
>
>
