Store Role in Form Authentication Cookie for SSO Authorization
This article explains how to customize Forms Authentication to store role information along with the username in the Forms Authentication cookie. Storing the role in the authentication cookie helps when we use SSO (Single Sign-On) for authentication, because the role value can then be used to authorize the user.
I am working on SSO (Single Sign-On) functionality with a disconnected architecture: SSO across domains or sub domains. I have three sub domain web sites which share common authentication but are hosted at different places such as GoDaddy, BlueHost, Big Rocks etc. These systems first request valid authentication, and then further processing is done. As all user information is stored on the main server, the other sub domains do not contain any information about the user or role.
So I needed Single Sign-On with authentication as well as authorization, and finally I found this solution for the requirement. I will guide you through the internal structure of Forms Authentication and show how to customize the Forms Authentication cookie to store the role or other information that is useful for SSO authentication as well as authorization.
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(2,
    username,
    DateTime.Now,                 // Cookie issue date
    DateTime.Now.AddMinutes(30),  // Expire date
    isPersistent,                 // Is the cookie persistent or not
    userData,                     // Custom data: here we store the current authenticated user's role
    FormsAuthentication.FormsCookiePath);
// Encrypt the ticket.
string encTicket = FormsAuthentication.Encrypt(ticket);
// Create the cookie with the authenticated ticket.
Response.Cookies.Add(new HttpCookie(FormsAuthentication.FormsCookieName, encTicket));
In the above code, once the user is successfully authenticated with valid credentials, the web application can create a FormsAuthenticationTicket that stores the current user's role information. I have referenced the above code from MSDN. For more information you can visit this link.
How do we access this role information on a request in another system?
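// Decrypt the cookie's value (the encrypted ticket), not the cookie's name.
HttpCookie authCookie = Request.Cookies[FormsAuthentication.FormsCookieName];
FormsAuthenticationTicket ticket = FormsAuthentication.Decrypt(authCookie.Value);
string data = ticket.UserData;
// If you have stored multiple roles or data values separated by commas
string[] roles = data.Split(',');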
As the above code shows, we can decrypt the authentication cookie and extract all the information we have set, such as the username, cookie issue date, expire date, user data etc. As we previously stored the role information in the UserData property, we can retrieve the user's role value and check whether the user has valid access rights or not.
In this article we learned how to store role information along with the username in the Forms Authentication cookie by customizing the Forms Authentication ticket. We can then use this custom field for SSO (Single Sign-On) authentication and authorization in the sub domain projects.