We, at our company, are developing a file sharing application which will allow users to upload/download files. This application will be part of the suite of other applications. We will be adding a desktop client (windows app) which is an upload/download manager which will assist users to queue in multiple large files for upload/download. There are a couple of questions related to design for these applications:
1. We would like to implement Single Sign-On for all these applications (including desktop client). We would like users to login to web and once they do that, they can browse through applications without logging in again. We will be implementing a authetication service using WCF. The requirement is that we do not want to add authentication functionality to desktop client. So users will need to login to our web application.
We can write cookie to user's machines and will work for web applications. Can the desktop client use the same cookie to autheticate itself? Or there are other ways we can achieve it?
2. We also do not want that when desktop client is uploading/downloading multiple files that its session is expired and the user need to re-authenticate through web. How can we achieve it? How does other Upload/Download Managers (like MS File Trasnfer Manager) work?
Any help in this regard is appreciated.
View Complete Post