I've searched the web for information about having a single user be authenticated across multiple applications. The bulk of what I've found has been just that. However, I don't want any specific user (except my superuser) to be able to get into every application.
I'm developing a website for my company that currently uses ASP.NET authentication tables (local tables) for user authentication. Originally, the website was designed to be a single site that would support multiple clients (our customers), and be able to separate one client's data from the other. Unfortunately, some clients wanted their data physically separate and the site "branded". So, we decided to provide separate sites, each with their own local ASP.NET tables.
There is a "master" database that each of these sites communicates with. The master happens to be on the same server as all of the other local app databases. The master contains copies of some data elements from the local apps, as well as some "common" data elements. The local apps use a "MASTERDB" linked server to connect to the master database to retrieve the appropriate data.
For the most part, this is working fine. However, I'm in the process of redesigning the database structure. I want to combine all of the local ASP.NET tables into a single set on the master. Each local site would have the application name set accordingly, with each application added to aspnet_Applications. When the user logs in, the authentication would use the application name and the login name to authenticate via the master database.
In my real-life (future) example (the names have been changed to protect the innocent), I have 3 sites: SITE-A.mydomain.com, SITE-B.mydomain.com, and SITE-C.mydomain.com, each having their own local database. I have a MASTER database containing the ASP.NET authentication tables. Each site has its respective application name set. When the user logs in, his ID is authenticated for his application. I don't want that user to be authenticated on any of the other sites...except for my "superuser".
I want to have a "superuser" that will be allowed access across all applications. Under normal circumstances, this should be no problem. But, I'm using the ApplicationName + UserName authentication for the individual applications. I can't create a single "superuser" login name and assign it to all three applications in the aspnet_Users table, since the UserID has to be unique.
Does anyone know of a way to do this? Am I asking too much from the system?
Thanks,
Kevin