.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Win Surprise Gifts!!!

Top 5 Contributors of the Month
Post New Web Links

Implementing Single Sign-On using SAML 1.1, x.509, LDAP in C#.net

Posted By:      Posted Date: September 07, 2010    Points: 0   Category :ASP.Net
Hi, I got a requirement from the client i.e implementing single sing on using SAML 1.1( LDAP & X.509)in .net. I searched almost entire internet but no use. I have perfect knowledge regarding SAML but i dont know how to implement it in C#.net. Where do i get any papers or document that tells how to implement SSO using SAML in .net . What are the key steps involved in implementing it? What are the topics i need to cover to complete this task. I am literally struck at this point, any help would be apprciated. Thanks in advance sam

View Complete Post

More Related Resource Links

Single Sign On Feature through LDAP


Hi All,

Am trying to implement the Single Sign On feature through LDAP authentication.

For which in my web aplication i want to determine the Windows logged in USername For ex. If i am accessing this web application in my machine...i should get my login username - Rupesh.bhatia

I have tried following things but of no use....


All the abbove codes give me username of the server machine on which my web application is hosted....and not of the client machine where the application is browsed...

Kindly guid me on this.....It's very urgent...

Any help/suggestions is highly appreciated......Thanks a Lot


Rupesh Bhatia

Single Sign-On: A Developer's Introduction To Active Directory Federation Services


Use Active Directory Federation Services to allow other organizations to use your Web applications without the need for you to grant access explicitly.

Keith Brown

MSDN Magazine November 2006

MVC, Single-Sign-On and Roles

I have basic Single Sign-On working across 2 MVC sites (call them SiteA and SiteB) using something along the lines of the following method:http://forums.asp.net/p/1023838/2614630.aspxThey are on sub-domains of the same domain and share hash\encryption keys etc in web.config. I've modified the cookie so it is accessible to all Sites on the same domain. All of this seems to be working ok.The sites are on seperate servers without access to the same SQL database, so only SiteA actually holds the user login details. SiteB has a membership database, but with empty users.This works fine for my required scenario which is:1) User logs into SiteA2) The application loads data from SiteA (by AJAX) and SiteB (by AJAX using JSONP)I have the following LogOn Action on my AccountController for SiteA, which is where the "magic" happens: [HttpPost] public ActionResult LogOn(LogOnModel model, string returnUrl) { if (ModelState.IsValid) { if (MembershipService.ValidateUser(model.UserName, model.Password)) { FormsService.SignIn(model.UserName, model.RememberMe); //modify the Domain attribute of the cookie to the second level of domain // Add roles string[] roles = Roles.GetRolesForUser(model.UserName); Http

Claims Walkthrough: Creating Trusted Login Providers (SAML Sign-in) for SharePoint 2010

Learn how to create a custom security token service (STS) and set up a trust relationship between a SharePoint 2010 farm and the custom STS

Can i use Single Sign on Sharepoint 2010?

Can i use Single Sign on Sharepoint 2010?

Single Sign On to external system via iView?

I have Page iView in the SharePoint 2010. I have another non MS based external system where I should make integration. iView is great, but I need authentication as well. What is needed to create SSO to authenticate to the external system and display view to the external system via iView? Is it mandatory to external system to support SSO? Both SharePoint and external system have SSO account mapping?Kenny_I

Single Sign On for Sharepoint and external applications

We would like to set up our Sharepoint 2010 Server to allow for single sign on. Right now when a user accesses the site, they are prompted for their username and password, whenever they open a file from a document library they have to put in their username and password. I am sure there is a way that we can set up Sharepoint to not require this every time they access the site and/or documents, by using their windows login like Dynamics CRM does.   Can anyone assist us in getting this set up properly? Thanks in advance!

How Configure Sharepoint Single Sign-On for External Domain User?

Hi, Good Day All, How to configure MOSS 2007 single sign-on For External Domain User, these external domain users are in the members of internal domain but when they access portal out side the domain then portal ask his credential. Is there any way to provide/Configure Sign Sign-On facility for External Users. Thanks, Iftikhar Hashmi

Digitally sign SAML assertion with the user's certificate

I know how to digitally sign a SOAP message with the server's certificate using WCF, but is it possible to sign the SOAP message or maybe a signle element inside the message with the user's certificate without having the user's certificate in the server's key store? For example, can a SAML assertion or other element be created, then the user prompted to sign that element, and then have then element (with the user's signature on it) placed in the outgoing message?

Single Sign On Web and Windows Apps

Hello, We, at our company, are developing a file sharing application which will allow users to upload/download files. This application will be part of the suite of other applications. We will be adding a desktop client (windows app) which is an upload/download manager which will assist users to queue in multiple large files for upload/download.  There are a couple of questions related to design for these applications: 1. We would like to implement Single Sign-On for all these applications (including desktop client). We would like users to login to web and once they do that, they can browse through applications without logging in again. We will be implementing a authetication service using WCF. The requirement is that we do not want to add authentication functionality to desktop client. So users will need to login to our web application.  We can write cookie to user's machines and will work for web applications. Can the desktop client use the same cookie to autheticate itself? Or there are other ways we can achieve it? 2. We also do not want that when desktop client is uploading/downloading multiple files that its session is expired and the user need to re-authenticate through web. How can we achieve it? How does other Upload/Download Managers (like MS File Trasnfer Manager) work? Any help in this regard is appreciated.

LIKE Condition - Single Percentage Sign Matching?


What is the expected behavior when a LIKE condition specifies a single percentage sign? For example, if I have a Customer table with a CustomerName field and I write the following SQL Query:

SELECT * FROM Customer WHERE CustomerName LIKE '%'

  1. Does the single percentage sign negate the LIKE condition?
  2. Would this specific statement be equal to just SELECT * FROM Customer?
  3. Finally, does this work with all data types, or just char/nchar/varchar/nvarchar?

need help about Single Sign On in asp.net


Hello friends 

I am trying to use the concept of Single Sign On (SSO) in my asp.net application. 

for the purpose i have created a main domain say mydomain.com

now i have 2 subdomains sub1.mydomain.com & sub2.mydomain.com. 

I am running these very fine. But now I want to have a SSO for my domains. For the same have 

googled lot and found some stuff such as adding machine key to web.config and specifying domain names in cookies. 

But it is not at all working for me. when I specify the domain name for cookies i am unable to sign out. 

I am using FormsAuthentication in asp.net. 

Following is the code I have in my web.config.

<authentication mode="Forms">
	<forms name=".ASPXFORMSAUTH" path="/" loginUrl="myHome.aspx" protection="All" timeout="1339" domain="mydomain.com">
<machineKey validationKey="21F090935F6E49C2C797F69BBAAD8402ABD2EE0B667A8B44EA7DD4374267A75D"
				decryptionKey="ABAA84D7EC4BB56D75D217CECFFB9628809BDB8BF91CFCD64568A145BE59719F" validation=&quo

Single Sign on - Manage settings for enterprise application definitions - Individual / Group



I am using Microsoft Single Sign On service in context to Sharepoint server 2007.

I want the external applications to use the single sign on service for authentication within a secure Enterprise portal environment.

Here the external application should be authenticated via single sign-on. But while configuring SSO in Share point central admin, it offers two methods of "Manage settings for enterprise application definitions" which is Individual and Group .

According to my requirements,

1. I need some set of users (may be a group of users) to make use of credential1 to authenticate the external application. so Group should be mapped to one common external credential1 .

2. I need rest of the users who does not belong to the above said user group should use individual external credentials mapped to Individual user .

I need both of these scenarios to be handles using a single Application definition created for my external application.

So suggest me an ideal way to achieve this mixed Individual and Group credential mapping in SSO



Thanks, Kesavamoorthi

single sign on was not installed


Hello, I installed Sharepoint 3.0. As far as I know Microsoft Single Sign On should have been installed automatically by installing ss. But the service is not there (at services.msc).  Can you help me out?

Single sign on different domains...




Here is my scenario...


I have a web app located at www.MyMainSite.com and I have several domains, such as www.MyFirstSite.com, www.MySecondSite.com, etc. all pointing to the same directory in IIS.  I use Host Headers to acheive this by setting the 'Host Header Values' under properties for the main site (under the Web site identification section).  Based on the host header value I perform different functions in my pages.


Because of the way I have it set up, all the domains share the same files, web.config, etc.  I have set the 'machinekey' in my web.config and have forms authemtication.  However, when I go to MyMainSite.com and log in and then the user clicks a link and gets directed to MyFirstSite.com the user is shown as logged out.  I need the user to be logged in and I need to be able to access the logged in user profile to display certain information.  I thought by setting the 'machinekey', i could acheive this, but it does not seem to work. 


Can someone please explain to me how to go about having a single log on for my users?


The articles I have found show

Single Sign On



I have one asp.net application and one sharepoint 2010 site which are using forum based authentication and same membership provider. How can i make these two applications into single sign on. e.g., once i log in to asp.net application, it should not be required for entering user name and password again when user navigate to sharepoint site.

Any replied will be appreciated.



About single sign On



we have a extranet sharepoint site(Form based authentication).After login into site there are couple of links on the home page.If you click on the link it will take to you to another website(PHP based sites and it will ask authentication).

can i implement single sign on for entire application?

Please ask me if you dont understand my question.

I am very thankful for your reply.



ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend