Question : single signon

I've been asked by a client to implement single signon for our web site from their network. The preferred methods/configurations are these:
1) SSO should occur over https
2) SSO information should include a timestamp
3) Trust information of any sort should be encrypted
4) Timestamps are synchronized with tick.usno.navy.mil and/or tock.usno.navy.mil to within +/- 30 seconds *
5) Where reasonable it is preferred that users only have access to the trusted system via SSO and not by direct login
6) The following hash and encryption methods are supported:
A. 3DES
B. AES
C. SHA-1/SHA-256 (Hash)
D. MD5 (Hash, deprecated)
7) We need to support/access LDAP version 3 or higher

My site is built in .net using Visual Studio, SQL Server 2008 database - all hosted by DiscountASP.  

I have NO experience in any of this and am very nervous. My questions are:
1. How do I access their LDAP?  I think via XML somehow.  Any good references for this?
2. If I convert sites to https, what code updates will I have to do? Does it mean recoding of all pages or does it mainly hit the config.sys file?
3. Anyone have good links to start researching?

Thanks SO much for any help...

Answer : single signon

How do you plan to use the token? Will it be used to authenticate your server to the web service?

Syncing your server's time with reliable time providers:
http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/2000_Server/Q_22951251.html

BASE64 transformation:
http://www.devcurry.com/2009/01/convert-string-to-base64-and-base64-to.html

AES is symmetric encryption, so I assume that you will swap keys beforehand in a secure manner.
http://www.experts-exchange.com/Programming/Languages/.NET/Visual_Basic.NET/Q_24845774.html

There are still a few major unknowns.
How does the customer plan for you to have the daily file in a secure manner?
The customer must deploy a web service to verify users. This web service will hide the LDAP details from you, so you will not have to deal directly with LDAP.
Of course, you need the web service details.

ShalomC
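
The requirements in the question (an encrypted token carrying a timestamp that must fall within +/- 30 seconds) can be met with a token like the one below. This is an added example, not code from the thread or from the client: the token layout, the `SsoToken` class and its method names, and the use of two separate pre-shared keys (one for AES, one for HMAC-SHA256) are assumptions, and `CryptographicOperations` requires .NET Core 2.1 or later.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;
using System.Text;

// Added example. Token layout and field format are assumptions, not the client's specification:
// Base64( IV(16) || AES-CBC("user|unixSeconds") || HMAC-SHA256(IV || ciphertext) )
static class SsoToken
{
    const long MaxSkewSeconds = 30; // the +/- 30 second window from the question

    public static string Create(string user, DateTimeOffset now, byte[] encKey, byte[] macKey)
    {
        using (var aes = Aes.Create()) // CBC + PKCS7 by default, fresh random IV per instance
        using (var hmac = new HMACSHA256(macKey))
        {
            aes.Key = encKey;
            byte[] plain = Encoding.UTF8.GetBytes(user + "|" + now.ToUnixTimeSeconds());
            byte[] ct;
            using (var enc = aes.CreateEncryptor())
                ct = enc.TransformFinalBlock(plain, 0, plain.Length);
            byte[] body = aes.IV.Concat(ct).ToArray();
            return Convert.ToBase64String(body.Concat(hmac.ComputeHash(body)).ToArray());
        }
    }

    // Returns the user name, or null when the token is malformed, modified, or outside the window.
    public static string Validate(string token, DateTimeOffset now, byte[] encKey, byte[] macKey)
    {
        if (token == null) return null;
        byte[] raw;
        try { raw = Convert.FromBase64String(token); } catch (FormatException) { return null; }
        if (raw.Length < 16 + 16 + 32) return null; // IV + one cipher block + MAC
        byte[] body = raw.Take(raw.Length - 32).ToArray();
        byte[] tag = raw.Skip(raw.Length - 32).ToArray();
        using (var hmac = new HMACSHA256(macKey)) // check integrity before decrypting anything
            if (!CryptographicOperations.FixedTimeEquals(hmac.ComputeHash(body), tag)) return null;
        using (var aes = Aes.Create())
        {
            aes.Key = encKey;
            aes.IV = body.Take(16).ToArray();
            string text;
            using (var dec = aes.CreateDecryptor())
                text = Encoding.UTF8.GetString(dec.TransformFinalBlock(body, 16, body.Length - 16));
            int sep = text.LastIndexOf('|');
            long ts, nowS = now.ToUnixTimeSeconds();
            if (sep < 0 || !long.TryParse(text.Substring(sep + 1), out ts)) return null;
            if (ts < nowS - MaxSkewSeconds || ts > nowS + MaxSkewSeconds) return null; // stale or future
            return text.Substring(0, sep);
        }
    }
}
```

A token stays replayable inside the 30-second window, so the receiving site should also remember tokens it has already accepted until they expire. Sending the token only over https, as the requirements state, keeps it from being captured in transit.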