There are a number of ways implement single sign on with iMIS. Here I'll list each approach along with the pros and cons of each.
MembershipWebService.asmx
Pros
Other Single Sign On Solutions on the market
Pros
MembershipWebService.asmx
Pros
- Available with iMIS out of the box
- Accessible via any language that can call soap web services
- Only works in the same domain / sub domain
- The 3rd party site is required to provide a login screen.
- The users credentials will be exposed to the 3rd party site as the user will be required to enter them into the 3rd party's login form.
- It is an older technology based on SOAP
- Share Machine Key
- Only works between asp.net / mvc applications
- Only works in the same domain / sub domain
- You have to share the same "key" across all web applications which could be 3rd party site
- Roll you own
- I can't think of any
- Cost of development
- Security risk if not done properly
Other Single Sign On Solutions on the market
Pros
- No need for a custom solution
- The ones that I know of all use older technology based on SOAP.
- They don't implement modern standard protocols
- Organized Bits iMIS Identity Server
- Pros
- Implements modern standard protocols.
- It uses RESTful endpoints.
- It is an iPackage install into iMIS.
- It supports multiple types of client applications (Web, SPA, mobile, and desktop)
- 3rd party sites do not have access to the members credentials thereby ensuring security.
- It supports the iMIS Facebook login functionality.
- I honestly don't know of any.