App still redirecting to login page after logging into SSOSite

Aug 16, 2007 at 3:51 PM
Hi,
I installed the application as per the instructions. I'm able to log into the site with the test credentials and I'm redirected to the default.aspx page.
Here I have added two links to the SSOtest site as well as SSOtest site2, a clone of SSOtest site.
However on clicking these links , I'm still directed to the login.aspx pages of respective sites.

Did i miss out on something?
Coordinator
Aug 23, 2007 at 2:22 PM
Edited Aug 23, 2007 at 2:23 PM
check out your web.config on the clone site make sure you allow access to the right groups or users to the page you're trying to get to after logging in. I'm betting the login your using doesn't match the credentials authorized for those pages.

The other important thing is to always put your allows before your denies. If you do it in the reverse order, it will not properly allow the roles or users you want to have authorization.

typically, you can set a global authorization on the site via:
<system.web>
<authorization>
<allow roles="TestUsers"/>
<deny users="*"/>
</authorization>
</system.web>
Oct 15, 2007 at 9:55 AM
Hello,

I do exactly the same as vickey : copy/paste the test site (so the web.config content is similar, and comply to the rules you specified).

And I have the problem, when I logon to the first test site, I have to log again for the second site... and then the first site lost the connection !

Do you have any idea ?

Thanks
Coordinator
Oct 15, 2007 at 2:33 PM
Edited Oct 17, 2007 at 1:34 PM
I probably missed this when answering this previously. But it seems as though you're running two individual web applications (sites) and trying to get them to share an authentication session? So if you login to one and then connect to the other, your desired result is to have it already authenticated with the second site?

If that is the case, then that cannot happen with this solution. Each individual site runs inside its own app domain and contains its own session information. Which means even if they use the same user base, they still require authentication individually. The benefit of this project is that they can share the same username and password for both sites, but they still need to login to each site separately.

The configuration between the test sites and the SSOSite are completely different as far as how they talk to their security provider. SSOSite should be setup so its security provider uses a database. Then the test or client sites will actually use SSOSite as their security provider. You should copy the SSOTestSite or TestWindows app as the baseline for new sites, and copy SSOSite if you want to integrate it into your own main website.

Did I answer your question?

Thanks,
Nathan
Oct 17, 2007 at 11:04 AM
Thank you for the answer, this is effectively the behaviour I want to obtain.

I have found a beginning of solution, but I'm not sure about the security.
In my case all my (web) applications are on the same domain, so they can share their authentications.

This page http://weblogs.asp.net/scottgu/archive/2005/12/10/432851.aspx explains how to share the authentication cookie. And after do that, when I logon in one application all others are automatically connected (even if they are in different solution) as longer as they are in the domain (here my localhost)

Benoit
Coordinator
Oct 17, 2007 at 1:38 PM
Nice! I'll take a peek at that. I might be able to integrate something here. I realize that maybe the tag name "SingleSignOn" might be a little mislabeled in its current form. In this situation there are two forms of "single sign on" (shared user info and shared session), and I'm only implementing the first one. I'll toss up a proposed work item for it.

Thanks,
Nathan
Coordinator
Oct 17, 2007 at 1:40 PM
This discussion has been copied to a work item. Click here to go to the work item and continue the discussion.