MCAD/MCSD Notes: Chapter 8, Lesson 4; Using Passport Authentication

Lesson 4: Using Passport Authentication

This lesson recognizes that Microsoft attempted to solve the "Single Sign-On" problem for the Windows platform. SSO is an industry-wide acronym maintained by OpenGroup.org (among others) at http://www.opengroup.org/security/sso/.

As of this writing there is doubt that this technology is an active concern at Microsoft. The Passport SDK is currently not available for download from here:

http://msdn.microsoft.com/library/default.asp?url=/downloads/list/websrvpass.asp

"Passport authentication identifies users via Microsoft Passport's single sign-on service. Microsoft Passport is meant to provide Internet users with a single identity that they can use to visit a wide variety of Web sites that require authentication."

To declare Passport authentication in Web.config, this is a pattern:

&lt;authentication mode=&quot;Passport&quot; /&gt;
&lt;authorization&gt;
    &lt;deny users=&quot;?&quot; /&gt;
    &lt;!-- Deny unauthenticated users --&gt;
&lt;/authorization&gt;

The code used to implement authentication is almost identical to the code used for NTLM authentication discussed in "Lesson 2: Using Windows Authentication," featuring use of System.Web.UI.Page.User.Identity.

mod date: 2005-09-16T22:10:20.000Z