SSO checking for authenticated user best practice?

Adrian Cotter

I am wondering what the best way to check for an authenticated user is on a non-convio website. Convio is the master authenticator.

This is for pages that are associated with a Port driven social network, but are not on Convio or the Port, just on our own server. I want the user to know they are logged in and display appropriate links.

On a current site, we're doing this on plain .html pages with an AJAX iframe call. But it can feel a little clunky at times ( climatecrossroads.sierraclub.org in case you want to see it in action).

What I am considering doing is having an asp.net page redirect through the Convio server (using loginTest), and check for login credentials that way -- then set a cookie indicating their status on my end of the website (so I only have to do this kind of redirect once in a while).

I "think" this is what the Port is doing more or less on its own pages. One downside of this seems (I'm guessing here, there might be some other reason behind this issue) to be that Facebook doesn't quite pick up what is on a page.

Anyway, wondering if anyone has implemented anything and if they'd share their method.