Here's the scenario - a customer has multiple SharePoint applications, all using Windows authentication, co-existing in a single farm. Domain accounts were created in the self-contained SharePoint domain for thousands of external users across lots of different outside companies.
URL names for the applications are in the format:
i.e. they are all in the same internet facing domain.
These external users access different applications in the farm (there are links in each app to the apps), and need to logon multiple times - once for each app. The customer would like to implement a solution that allows them to keep the apps separate, but allow the users to login once. Since the applications were developed by different companies, and to keep things simple, a solution that is transparent the various applications would be preferable.
Additionally, when these external users change their passwords or access documents via Word, Excel, there are often access issues and lots of additional password prompts, causing an administrative nightmare. User accounts number in the tens of thousands, so support requests pile up fast.
I've seen people discussing similar (but not identical scenarios) where the solution involved a "secure reverse proxy" (Such as Micros
View Complete Post