Hi,

I am trying to achieve single sign-on, between two asp.net applications on the same box.

We know that single sign-on means authenticate once on one site and access another site without authenticating one more time. What I am trying to achieve here is, I created a asp.net application say app-A, with its own database, that stores user_credentials (user_id, Password and role). So when user requests a page on this site/app-A. He will be asked to enter his credentials (id,password and role), which are then compared with the app-A database. Once authenticated, authentication ticket will be created and stored in a cookie. user_id and role of the current user in session are stored in that cookie.

Now, I want to create app-B on the same box as of app-A resides. App-B contains a login page. So, when user clicks on the URL of app-B from within app-A, it should automatically authenticate user who are in roles Admin, Student and Instructor and redirect him to the requested page on app-B, that is, it should by pass him from the login page. But, when user in role Guest tries to access app-B from within app-A, it should force him to enter his credentials.

I am not storing user_credentials in central server, instead they are stored in app-A database. So, I want to know how to pass these user_credentials from app-A to app-B on the same box?. So, that app-B compares user_credentials passed on from app-A with app-A database.

Is there a way that app-B can read the cookie created by app-A to get the user_credentials?. If, so can any one explain me how and refer me to good resources on the web?.

Thanks,