I have a requirement that I can't seem to figure out, mainly because I don't have much experience with single sign-on. I am currently using Forms Authentication with Active Directory on 3 to 4 web applications. My requirement is to have a "central" login. If a user has access to App 1 and App 2, then they are allowed to see those two apps. If a user has access to App 2 and App 4, then they can only see those two applications. I have recently set up an Active Directory Role Provider with the help of this link here.
I have also looked into the single sign-on options on the internet. So far, I have come across a few that looked pretty good. However, I think I'm running into trouble because I'm using Active Directory. This one here works very well for the basic Forms Authentication, but I'm unable to tweak it with AD properly.
I then moved on to try a cookie solution here. I'm able to view the cookie on App 2, but I have to sign in again to be allowed to view the complete application.
I have even found solutions here, but I can't seem to find an example to do it the way I need to. I have found many different techniques on how to do SSO, but I'm having no luck and was wondering if someone could point me in the right direction.
One option that I thought of was making a separate application that handles login, and directs them to a "Dashboard" where I can then give them access to applications based on their groups in the AD. Would this be a feasible solution?
If any other information is needed, please let me know! Thanks!