Single SignOn with ASP.NET Membership and WebServices

I have begun planning for integrating several separate login systems under
one authentication server. We don’t want to use MS Passport or typekey (though this kerebos article looks nice) and some of the apps already use
the ASP.NET 2.0 Membership system. The Membership system can support multiple
sites, but the SqlMembershipProvider must have direct access to the SQL Server
providing authentication. Otherwise, you’re out of luck. So I thought it’d be
nice to create a MembershipProvider that talked to a WebService hooked up to a
SqlMembershipProvider. Here’s my setup:

Authentication Server Website
This is the central login
server. It uses the normal SqlMembershipProvider (it could actually use any
MemebershipProvider) and has a WebService called SingleSignOn.AuthenticationServer.MembershipService.

Authentication Client Website(s)
These sites use a
MembershipProvider I wrote called SingleSignOn.AuthenticationClient.WebServiceMembershipProvider. It
impliments all of the methods of MembershipBase and each method makes calls to
the MembershipService on the Authentication Server. Since the provider model is so awesome (thanks Rob) requires
absolutely no code changes other than adding the new
WebServiceMembershipProdiver to the web.config. Another Provider could be built
for Profile and MemberRole, but for now I just wanted Authentication.

There’s still a lot to do (some methods are still just stubs) to make it work
in a real world scenario (caching, https, WSE stuff, etc.). I also haven’t
decided what the best way to handle the ApplicationName or how I want to do server authentication.

As always, let me know if you’re interested in the code.

5 thoughts on “Single SignOn with ASP.NET Membership and WebServices

  1. A while back I wrote about a Login provider for ASP.NET that uses WebServices.The code is now available…

  2. Hey, I am researching this exact problem. Could you please point me to the code that you have made available?
    Thank you in advance.

  3. John, I thnik you have choosen the correct approach for SSO. From few days I am mingling over the similar solution and when I came across the post, I know its the exact way to GO. Can you supply the code so that I can check whether we are on.

Comments are closed.