Hi All
I am working on a single sign on system which a load of other web applications will use as its membership provider. I currently have the system up and running in ASP.NET MVC and everything works well, users can log into an application once and have access to all the other apps through that login cookie.
The problem is that users dont all have access to the same apps, this is currently handled at login and if they dont have access to the app they are denied. However with the cookie being set automatically by asp membership, if they do login to an application they have access to they are then given access to all the other apps via the cookie, including the ones they dont have access to.
Any ideas on how to fix this? Ideally I want the cookie to remain as part of the process as I like the idea of a user logging in just once to access all the apps they have. Ideally the applications will maintain the login details but check a webservice if those details have access to that app? I wont have access to the individual applications (they all use standard out the box asp membership, only the web config is altered to point to my system) and all this must be managed by the Signle Sign On area.
Many thanks in advance to those who contribute!
