I am creating a series of websites and web applications that will be hosted on a dedicated server that I own and accept. They will be developed on Windows Server 2008, IIS7 and .NET 4, SQL Server 2008 and Entity Framework. It will be a live server, and also a place for me to learn how to do some new things.
- User will have one username / password for all sites
- A user can have different access levels on each site.
- Login must be permanent in Remember Me sessions
- "Logout" logs the user out of all sites.
- There will be some parts of the sites on which anonymous access is allowed.
I looked at OpenId and OAuth, and I'm not sure if any of them really fit the bill. I do not want to use something like Twitter for authentication, as I heard that it is filled with holes.