3 Tales of Systems Architecture Dilemmas

13.05.2009

Let me set the stage for you:

- Around 500-1000 external users connecting via Citrix
- MS Network
- Windows 2003 Servers for Domain Controller, Web Servers, SQL Servers
- SQL Server 2008

The web portal runs based on the client, the user's roles and the client's DB data. Microsoft provides a rich, role-based model with ASP.Net, but that model is not designed to run under a portal structure. So, we married what Microsoft provided in ASP.Net security, Active Directory Accounts/Groups and SQL Security.

Now, here is the wrinkle: The company had multiple (competing) clients running the same system code, but data was housed in separate physical SQL boxes (with client-specific database names). So, everyone ran the same web application and middle tier, but at the DB level it was client specific (everyone was on the same DB model). Remember, our clients connected to our company via Citrix, so single sign-on was a requirement (even though Citrix handled the DMZ authentication, it did not handle the forms authentication with our web applications). It's important to understand that the clients are in the same industry, so data integrity is a must because of competitive advantage.

So, the challenge was: how do we authenticate, load and execute the web system as a portal when the authentication and data were set up as client-specific?