Subject: SSO OnDemand where portals count ~25000!
Date: 2011-04-12 14:56:36
From: Dmitry -
Source: sso-ondemand-portals-count-25000


Raw data:

We are developing a portal based on the engine DotNetNuke Framework. In our case, the number of portals can be from 200 to 25000! Each portal your own domain name, such as "", "", "", call their service providers. One of the portals is a major, let's call it "".


Need to make a single entry system for all users on all 25,000 portals, through a form of authentication the main portal "". It is important to input and output at each portal was carried out on request. Under the phrase "on demand" mean the fact that any user access to specific portal, not a fact by pressing "enter" or "out" on each of these portals alone! Summarize the problem: When attempting to access a user to any page of any portal must authenticate the user to check the facts on the main portal, if the user is not authenticated at the main portal "", it checks whether the user is authenticated in the current portal (if yes, then logged out user on the current portal), after which the page is loaded as usual. If the user is authenticated at the main portal "", then made Automatic user authentication on the current portal and then continues normal page loading. In other words, input and output user is only upon access to a particular portal.

What we have:

We have a SSO solution that allows us to unified by several portals in a single system for authenticating users, after which a user logs on any of these portals leads to the fact that it is automatically authenticated to all others. This solution has the following algorithm: When a user logs on one portal immediately set a cookie files for all other domains (portals). When the cookie files are created for all domains (portals) in this zone with a negative lifetime that leads to destruction of their user's browser. This solution is well suited for 5-10 portals, but will not do, in our case where the planned 25,000 portals.

Questions to the developers:

1) Can you solve the problem I described with the help of your component based on the protocol SAML?
2) Can you give an example of code that verifies the current user is authenticated at the main portal or not? Here I can not understand how it can be determined, because in HTTP there is no control session, and how it defines your component?

Thank you.

---------------------------------------------------------------------- Note: This question has been asked on the Q&A forum of Thang Dang's fraudulent ComponentPro brand If you purchased anything from ComponentPro, you have been scammed. Contact the payment processor who sold you the license and ask for your money back. Back to ComponentPro Q&A Forum Index