That is what it is intended for. I think you need to update the contract in your cms website to be able to talk to the single sign on service in the commerce manager. There should be a entry similar to this, if not you will need to add it in yoru cms site
<system.serviceModel> <bindings> <wsHttpBinding> <binding name="WSHttpBinding_SingleSignOn" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard" maxBufferPoolSize="524288" maxReceivedMessageSize="65536" messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true" allowCookies="false"> <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384" /> <reliableSession ordered="true" inactivityTimeout="00:10:00" enabled="false" /> ** NOTE: Add Security Here <security mode="None"> <message clientCredentialType="None" /> </security> </binding> </wsHttpBinding> </bindings> <client> <endpoint address="http://SET TICKET SERVICE HOST HERE/SsoService.svc" binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_SingleSignOn" contract="Mediachase.Commerce.Security.ISingleSignOn" name="WSHttpBinding_SingleSignOn" /> </client> </system.serviceModel>
You will also need to create a website on iis to host the service. When you install the commerce there should be a folder called Integration service in the shared folder. The should be a SSOService.svc file in there. Make sure all the config files of the project have the correct values as well.
Thanks again, Mark,
excellent answer :-)
Did you find any documentation about this or figure it by your own?
Neat feature but not that easy to use without a description like this. Do I have to use SsoSharedSecret (also in appsettings)?
Trying to get single sign on to work when going from CMS edit/admin to Commerce manager.
Found a setting in app.settings for Commerce manager, EnableAdminSso that is used in Sso.aspx, that I hoped would magically help me with this, but perhaps is used for something completely different?
I would really like to get rid of the second login.
Thanks for your input :-)