It's not "organizations", really, unless you add the concept of "organization" in your authentication data (for example, organization-user-password is entered in a log in form).
This is not how it's usually work. Usually, role-based security is used, but it can include your concept of "organization". When someone authenticates with your site, you have only the user name and, usually,
cryptographic hash of the user's password. First, you find user data and check up if a password is correct. If it is, you can use the user's personal record on some pages or every page loaded in user's session. A reference to user's "organization" (department, roles, and whatever else). On the server side, you may need to present different content on the page, depending on the current user's role. One particular method of processing would be just redirecting a "wrong" user to some other page.
Please see:
http://msdn.microsoft.com/en-us/library/shz8h065.aspx[
^],
http://www.asp.net/web-forms/tutorials/security/roles/role-based-authorization-cs[
^].
—SA