Difficult a lot more than we thought it would be, we are trying for 2 days now to figure out the best and shortest/simplest/secure way to do the following.
We have a web application made using asp.net MVC4 with EF6 and SimpleMembership.
We want an affiliate website to login to our website, in a way their users won't need to login again to our system, but they would just be redirected to our site and logged in on the background.
We thought we would make them post the login, as done on a login form, but that's not really easy in cross domain and also - how would they encrypt the user-password? we've decided not to go ahead with this insecure idea, unless someone here would enlighten us.
We've heard of OpenID and oAuth. Are they easy to implement? what would the affiliate need to do? (register some third party? does it cost anything? isn't it a fuss?) what would we have to do? can this be done in a short time?
Help would be appreciated.