How do I enable OAuth with my existing MVC application? - asp.net-mvc

I have an SQL Server database with a MVC 4 internet application. How do I use OAuth with my existing database and existing user table (unfortunately called 'Customer'). I'm trying to avoid changing as much as I can. Does anyone have any helpful information?

Take a look at DotNetOpenAuth. It's shipped with VS2012, is available via NuGet, and seems to be geared more toward the ASP.NET MVC audience than simpler WCF setups.

Related

Looking for a secure and robust STS implementation

I am faced with a project that uses custom authentication via a WCF service that returns a set of claims based on some data identifying a user, close to user name and password. Then on top of this, I have a custom STS, derived from Microsoft.IdentityModel.SecurityTokenService, that resides in an ASP.NET web site project. This project looks like it was created with the VS2010 template, and not carefully had-crafted.
My gut feeling, and lots of on-line advice tell me that this web site STS project is very far from production ready. I am now looking for an MVC based STS that I can use in anticipation of being production ready. TinkTecture's IdentityServer looks promising, but it is so much more than simply implementing a custom derivation of SecurityTokenService, I have no idea where to start. If somebody could steer me toward an open project or walk-through that does this, or offer some guidance as to where and how I can start extending or modifying Identity Server, that would be great.
Have you looked at Thinktecture.IdentityServer v3? I'm at the moment using it and very simple to use.
It is still in Beta but RTM will be available soon. It has good documentation and samples too.
https://github.com/thinktecture/Thinktecture.IdentityServer.v3/wiki/Getting-started
https://github.com/thinktecture/Thinktecture.IdentityServer.v3/wiki
Update:
Identity Server 4 is also available. It supports cross-platform deployment with .NET Core.
https://github.com/IdentityServer/IdentityServer4/
Have you looked at the MSDN article by Michele Leroux Bustamante?
It's a little old and based on WCF, but it has code accompanying it.
Building A Custom Security Token Service
If you want ASP.NET based example, Microsoft published this:
ASP.NET Security Token Service Web Site
There's also this STS project on CodePlex.

Sessions when one has an ASP.NET MVC 4 + Node.JS Hybrid application

I have already done a proof where I can include Node.JS within an ASP.NET MVC application.
Assume that I am going to use an external session provider like windows server appfabric Cache or memcache.
I have an application where there is a quite sophisticated assembly that we use to build middle tier objects that we then store in the session. The assembly and the objects it produces is our most valuable piece and I cannot justify rewriting this C# project into something this is more Node.JS friendly.
This data is stored in an external cache, and now the node.JS developers need access to that.
What techniques have you guys used in situations like this? I am pretty sure that I am going to have to have some sort of service interface provide by the asp.net side as it is the one that owns this system of record.
I am also looking for a green field option for new projects that allow both ASP.NET MVC and Node.Js work together well in a hybrid fashion anyway, so perhaps this could be solved by data being stored in a convention that works for both.
Thanks.
I wouldn't use ASP.NET session at all. Maybe a database would be a more interoperable approach. SQL Server or even NoSQL solution such as RavenDB might be a good choice.
The problem with ASP.NET out-of-proc session state providers is that they use non-interoperable serializers (such as BinaryFormatter or NetDataContractSerializer) so you cannot read the data back from NodeJs. There might even be differences in the serialization mechanism between the different versions of the .NET framework so even with 2 ASP.NET applications running on different versions of the framework it might be a challenge to share session data.

What is the best way to use live id authentication with azure based asp.net mvc project?

What is the best way to use live id authentication with azure based asp.net mvc project?
I find the options
1) With in Live SDK, there are options like REST, JavaScript, C# etc.
2) Since my project will be hosted in azure, there is another way "Securing Web Applications with ACS" http://msdn.microsoft.com/en-us/library/gg185928.aspx
Please suggest the design and also support with pros when an particular approach is good.
You definitely want to work with ACS. Not only is it intended for this purpose, there's a fully worked up example at
http://msdn.microsoft.com/en-us/library/gg185975.aspx
which will give you a flying start.
ACS, and Windows Identity Foundation in general, lets you take the approach of separating identity verification from your application altogether. This saves a ton of code and means that you have much less "plumbing" to support.

Need to make ASP.NET MVC website with MySql Database and membership

I need to set up an asp.net mvc website in which all user information is to be stored in mysql database and user authentication needs to implemented. The MySql database on located on a web hosting.
Till now, I have only relied on the default asp.net mvc project provided in visual studio and do not know much on how to setup membership and login functionality for a website.
Can anyone please advice where to start looking.
Thanks.
Here is a link with custom membership providers for MySql.
You will have to register them in Web.Config. Linked article explains well though.
When in doubt you can always refer to the sample Microsoft implementation. Their source is available here
I've done several sites with custom membership providers.
If you want to use something non-typical, like MySQL in .NET, I would suggest that you at least make it as much non-typical-part-agnostic as possible. In your example, that would be membership provider based on DB-agnostic data access, that is Entity Framework. Then you can even "switch" your underlying DB later without pain.
Look here :
http://efmembership.codeplex.com/
http://www.codeproject.com/KB/web-security/EFMembershipProvider.aspx

Membership with Microsoft Access

I'm doing project in asp.net mvc with Micorsoft Access database and I need to figure out how to make a login system and roles with Microsoft Access.
I have seen some examples on the web:
http://binarywater.com/OleDbASPNETMembershipProvider.html
http://imar.spaanjaars.com/QuickDocId.aspx?quickdoc=404
I want to understand if they are examples that can be used in asp.nt mvc frmework 1.0 with 3.5.
Because the first link talks about asp.net 2.0 and also create the DataBase aspnetDB.mdb how do I use tables in my db?
You want to be one of your suggestions
Thanks again for your help
you have to write your custom MembershipProvider for your access database
or try to find one on the internet...
asp.net versions are different from the mvc versions
mvc framework 1 runs on .net 2.0 runtime....

Resources