Single Sign-on Security

Portland Financial Management Group, LTD.
London, UK

The Single Sign-on Security application allows Portland Financial to administer and configure role based security across multiple applications with single sign-on capability.

The application has the following characteristics:

	Provides a single sign-on capability for multiple applications.
	Allows page access and data filtering to be dynamically assigned to multiple Iron Speed Designer applications from a single point.
	Provides enhanced login with SMS challenge/response messaging confirmation.

Configuring roles

Single Sign-on Security allows the system administrator to configure application security for the entire company. The administrator can view, add, edit and delete application entries that make use of the dynamic security feature. Once a new application is added to the system, the program will automatically locate pages used by it and add them to its security store. Other items such as reports can also be secured.

Administrators can create users and assign user roles as they go. When page access is assigned to a user, the application is automatically updated and does not need to be recompiled.

Single Sign-on Security displays filtered data to each user based on their role. As a result, data is restricted and retrieved from the database without further coding. Various logging data is stored when users attempt to login (ie. IP address of user, timestamp, login details, etc.).

Editing Age Access en masse

Administrators can also configure security strength with settings such as the length of passwords, special characters/numbers in passwords, password encryption, and usual login times during the day and durations, IP restrictions etc. In addition to the password settings, users logging in under certain conditions are required to enter a response code sent to their mobile phone. This is implemented as an added security level when users login outside normal working hours or consecutive multiple attempts after the first time they login that day.

Application size and scope

Single Sign-on Security is comprised of one SQL Server 2005 database with 22 database tables, eight views and 50 Web pages. The largest table is ObjectAccessrule which has 12,000 records today. The number of records in this table will grow as new applications and roles are added to the application.

Every month, 60 system administrators access the application and process 200,000 transactions.

The project

The project took me two months to implement. The Iron Speed Designer portion of the project took 10 days.

Code extensions and customizations

I wrote 1,000 lines of custom code over one month. The most important customization was the incorporation of custom security libraries (Web Services call to the security layer).

I did not incorporate any third-party controls.

Page layout customizations

I modified the page layout to accommodate extra buttons and used the standard Matterhorn page style in Iron Speed Designer.

Iron Speed Designer impact

I saved two months of development time and $28,000 using Iron Speed Designer. The project would have been feasible without the tool, but it would have taken at least three months to build.

Next steps

I plan to implement more enhanced application security as the number of websites and application users grow.

About the developer

Tim Titchmarsh has more than 25 years software development and management experience in the computer industry. He earned a Higher National Diploma in Computer Science Studies in 1986, and set up his own software consulting and development company in 1997. Dot Net Architect specialize in Microsoft technologies. He has won contracts with many blue chip clients both in London and Zurich. His clients include USB Global Asset Management, Accenture, Commerzbank and Amlin Insurance. Tim has gained a reputation for getting things done! Tim is a member of the Microsoft MSDN Visual Studio Team Developer and The Microsoft Partner Program.