…on LinkedIn

ASP Ajax vs j-Query for UI development

How to develop an application from scratch using Design Patterns and Best Practices

Interview on MVVM

What would be best way of combining several different data sources for your program?

What’s the best way to persist ‘logged in user’ information?

When to use dependency injection

en

What’s the best way to persist ‘logged in user’ information?

[ Kristof Dielis | ASP.NET MVC Developers ]

Hi,

I’m building an MVC application that you will need to log into. That means I will need to be able to know whether you are logged in or not (and redirect you to log in if you aren’t).

As Session should be avoided, what’s an alternate (and safe) way to keep track of a user having logged in?

There is this widely adopted Security Design Pattern called SSO – Single Sign On. As Wikipedia states:

“Single sign-on (SSO) is a property of access control of multiple related, but independent software systems. With this property a user logs in once and gains access to all systems without being prompted to log in again at each of them. (…)

“As different applications and resources support different authentication mechanisms, single sign-on must internally translate and store credentials for the different mechanisms, from that used for initial authentication.”

And also: “SSO shares centralized authentication servers that all other applications and systems use for authentication purposes and combines this with techniques to ensure that users do not have to actively enter their credentials more than once.”

Try this PDF as a starter.

I hope this helps.

Capparelli [ mar 2014 ]

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: