Our intranet is made up of several webbased asp/sql applications and I'm trying to make a seperate login application to reduce the amount of logging in users have to do during the day. The ideal is 'one user - one password', with a page to show people exactly which applications they are authorised to use. The problem is (which I stupidly didn't anticipate before I started this) is that all these internal applications are on different websites set up in IIS. (i.e. so I'm finding it hard for the login page to tell these websites that the user is, in fact, logged in.
I tried cookies and sessions (querystrings are out because it would defeat the object of security) but they won't transgress websites. So, I tried to use a hidden form field which would be submitted between applications - but that doesn't seem to to work either. Has anyone got any suggestions? I have full control over IIS and the web server and the sql database. I would be most pleased with any help.
Cheers, clever people
Sarah
I tried cookies and sessions (querystrings are out because it would defeat the object of security) but they won't transgress websites. So, I tried to use a hidden form field which would be submitted between applications - but that doesn't seem to to work either. Has anyone got any suggestions? I have full control over IIS and the web server and the sql database. I would be most pleased with any help.
Cheers, clever people
Sarah
WASN'T FIT ENOUGH FOR THE POLICE FORCE