One of the many ways to achieve LDAP SSO using Delivery Server 10.1

Have you ever tried to Single Sign-On LDAP users into Delivery Server projects? Last week I was looking for a quick and easy method, with special assistance from Tim Davis (and thank you!), here I am documenting the steps to achieve this.

My solution can be explained in the simple diagram below:

Solution Architecture

As you can read from the diagram, I am using .NET to read the user name, format my own digest string, and then include hash value as one of the request parameters in the URL before getting redirected to Delivery Server by ISAPI. Once the request has traveled to Delivery Server, I can then use the username provided in the URL, compute and compare the hash values; if the hash values match then I can use dynament code to login the user automatically using the trusted mode.

Step 1 – writing  .NET code
This one is easy, very straight forward; a few variables, one function, one redirect.

FUNCTION_PAGELOAD

At the end of the Page_Load, I redirect the user request to a virtual directory I made up with the same name as the Delivery Server project name (just to make the URL user friendly).

Read more of this post

Advertisements