If you are looking for a reference on implementing design patterns in .net, I recommend visiting www.dofactory.com. I found the samples on the site very informative since they provide simple codes that will help you understand what a particular pattern is for. They provide two set of sample codes, one structural and the other is for real world implementation, and the codes can be in c# or vb.net. UML diagram of the pattern is also available for those people who love to draw squares and arrows. They also have a framework which these patterns are implemented; they call it Design Pattern Framework. The book really comes handy to those developer who are involved in designing software.
Monday, July 30, 2007
Gang of Four Design Patterns
Thursday, July 26, 2007
ASP.net : Single Sign On using Forms Authentication
Lately I have been asked to implement SSO on all upcoming web applications on a division in my company. As the name implies the user will only login once and have him jump from another application without prompting for a username and password. Using Forms Authentication of asp.net means each application will be generating an authentication ticket, and using this ticket for SSO would be easier since the framework will taking care a lot of things for us.
1. Override the Machine key validation and decryption key.
By default each application authentication ticket will be generated using a different validation and decryption key. Since we need to have a single ticket for the applications we will need to have the same keys for each applications under SSO. We can specify the keys by adding the following entry on each application web.config.
<machineKey validationKey="1555CBC4DE7791EA223E"
decryptionKey=" D1CB403BD1EE413909EF" validation="SHA1" />
2. Have the same forms name in your forms authentication entry.
Each application will have to point on the same authentication ticket. To do this we just need to have the same forms name. This is assuming you will be implementing a parent child virtual directory setup on your IIS.
<authentication mode="Forms">
<forms name=".SSOAuth" protection="All" timeout="60" loginUrl="login.aspx"/>
<authentication/>