Single Sign-On in a one-domain web portal environment
Scenario: One application domain with one IIS, one Active Directory, and one MS Exchange Server. One portal start page which uses certificate authentication via smart cards, mapping the certificate to a user account in the domain's Active Directory.

The user puts his smart card in his reader and accesses the portal start page over the internet. After successful authentication, the portal page is shown in his browser. This page contains, for instance, a link called "mail" which will take the user to a page where Outlook Web Access has been encapsulated into a web control and presented on the mail page.

Question: Will he automatically be logged in and shown his personal inbox (SSO)?

According to my own research on the web, the way I understand it is that when he gets logged on to the portal, a session key containing all his credentials from the information in Active Directory will be created by IIS. This key will live throughout the whole session and automatically be used in further functionality requests by the user. In other words, once he's logged in to the portal, SSO will work.

Is this correct? If not, how can this type of functionality be achieved?

Thanks for your time.

/Rickard