Hi,

I am looking into implementing single sign-on for a number of in-house applications.

I am thinking of making it a web service that initially queries the Active Directory to see if the staff member logging in actually is allowed on the network. As far as I can make out, this should be relatively easy.

I can then have a login control that can be added to each application that accesses the web service to authenticate each user.

A database will be implemented and will be checked after the Active Directory LDAP query to see which applications the user has access to and the rights they have in that application.

How best would I be able to check that the application being signed into is in the list of accessible applications for the given user?

Does this sound like the best way to do such a thing?

Any help or links on this matter would be much appreciated.

Thanks in advance

Grant
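
An added example, not part of the original post: one way to do the per-application check the question asks about, as a deny-by-default lookup that runs only after the directory check succeeds. The table layout, the `sign_in` function and the `directory_check` callable (standing in for the Active Directory LDAP query) are assumptions made for illustration, and the sample grants are constructed.

```python
import sqlite3

SCHEMA = """
CREATE TABLE app_access (
    username TEXT NOT NULL,   -- stored lower-case; AD account names are case-insensitive
    app_id   TEXT NOT NULL,   -- identifier of the in-house application
    rights   TEXT NOT NULL,   -- rights the user holds in that application
    PRIMARY KEY (username, app_id)
);
"""

def open_demo_db():
    """In-memory database holding constructed sample grants."""
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    db.executemany(
        "INSERT INTO app_access VALUES (?, ?, ?)",
        [("grant", "payroll", "read"), ("grant", "helpdesk", "admin")],
    )
    return db

def sign_in(db, directory_check, username, password, app_id):
    """Return the user's rights in app_id, or None when sign-in is refused.

    directory_check(username, password) -> bool is a hypothetical callable
    that performs the Active Directory LDAP check described in the post.
    """
    # An LDAP simple bind with an empty password can succeed as an
    # unauthenticated bind, so reject empty credentials before the directory call.
    if not username or not password:
        return None
    if not directory_check(username, password):
        return None
    # Parameterized query: the values are never concatenated into the SQL text.
    row = db.execute(
        "SELECT rights FROM app_access WHERE username = ? AND app_id = ?",
        (username.lower(), app_id),
    ).fetchone()
    # No row means the application is not in the user's list: deny by default.
    return row[0] if row else None
```

Each application passes its own fixed `app_id` to the service, and a `None` result is treated as a failed login regardless of whether the directory or the access table refused it.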