Does anyone have or know of any example of integrating an ASP.NET MVC application with OpenAM?
I have an application deployed with ASP.NET MVC 2 where the authentication is perforned using forms authentication, and I need to change into authentication using Single Sign On via OpenAM.
I've been searching for a code example of OpenAM integration from .NET, but I have found almost nothing so far. A code example would be very appreciated.
Thanks in advance!
if you want to accomplish this scenario over SAML protocol, then it is not problematic.
You have to download and install OpenAM on Tomcat Appache server. Configure it. Then on page .Net Fedlet you can find details about the .Net Fedlet. That is library set and application sample written on .Net, how to adjust your asp.net application to target OpenAM server. This library supports SAMLP from your web application.
What I am looking for and I have not found yet is the same scenario but over WS-Federation and with usage of WIF. If I found out how I will write it here.
Related
Currently I have an application that is running asp.net MVC 5 utilizing Owin.IAppBuilder for authentication. This was the standard authentication method when building mvc applications. This auth method connects to a SQL database and uses the standard aspNetUsers table method.
I am looking to start building a .net Maui mobile app. This .net Maui app I would like to allow existing and future users of my MVC 5 application to authenticate.
I researched many options but unsure the best method to start implementing. Does anyone have suggestions on what Path I should take?
If you want to use your own web service for authentication, you can use WebAuthenticator to achieve it.
For more information, please refer to: Web Authenticator | Microsoft
I am going to create an web app using Dot Net Core. In future, i will also create mobile application for the same application. Now, i am in thinking the architecture of the project. I want to use WEB API core using Asp.net Identity Core. Also, i will consume WEB API in MVC Core application. But the question i have in mind that how i can handle ASP.net identity with MVC and WEB API? Do i need to include in MVC as well or only in WEB API?
I tried to think hard but still confuse. Need suggestions.
You can use token based authentication .
In a resource owner flow scenario , your client app( mvc application/native application) will consume your web api by providing user's credential , web api will validate the credential(using ASP.NET Core Identity) in database , If the username and password are correct then a JWT authentication token and the user details are returned. Your client app could validate the token and sign in user :
ASP.NET Core 2.2 - JWT Authentication Tutorial with Example API
Tutorial built with
Token Authentication in ASP.NET Core 2.0 - A Complete Guide
In addition, IdentityServer4 is a good choice when you want to roll your own full-fledged OpenID Connect authorization server that can handle complex use cases like federation and single sign-on.
So your question is maybe a bit open-ended for Stackoverflow and you don't really show what you have tried so far.
I will try to answer though. First you just need to start out with a template for your project. Start an MVC project in which you can easily have API endpoints as well. I would suggest splitting those in two projects for clarity - but if it is just a small personal project then you probably are fine having them in the same project. Microsoft have a pretty good resource on MVC:
Microsoft MVC walkthrough
For the Identity part. You would need some kind of authority for it to work. I suggest you take a look at IdentityServer4. Which offers an excellent walk-through of how to set it up and how to integrate it with Asp.NET Core Identity:
IdentityServer4
I have a ASP.NET Core web application, having builtin authentication.
How can I authenticate Xamarin native mobile app with web app and use web services?
Is there any Xamarin library for authenticating Microsoft Identity Server?
I found an article describing creating web service backend in ASP.NET core, but it omitted authentication (why?) :
https://learn.microsoft.com/en-us/aspnet/core/mobile/native-mobile-backend
In the article they use Web API template, problem is that ASP.NET Core does support personal authentication from a box (at least for right now)
Take a look at this project OpenIddict. It's really easy to use and thay have a lot of examples how to build your own authentication service based on ASP.NET Core Web API. There is only one drawback of this project (by my opinion) - from the box OpenIddict supports only EF Core as data access library, but you can implement your own provider.
There´s no Xamarin client for Microsoft Identity Server per se, but you can use oAuth2. It´s pretty standard.
Implementing an oAuth2 server like OpenIddict, IdentityServer or AspNet.Security.OpenIdConnect.Server you can use any oAuth2 client to authenticate, either way from a javascript application or Xamarin.
For Xamarin/.NET clients, there is an awesome client (PCL) called IdentityModel.
I have to develop an ASP.NET MVC website. For authentication, we have decided to use OKTA as the authentication provider. We do not want to use Okta API, but we would like to use SAML implementation. Are there any articles/guidelines available on this? I also would like to know how can we extend this to a WCF service. All of these will be hosted in Azure.
Here are the SAML libraries that I suggest using to add SAML to an ASP.NET MVC website:
For .NET Framework 4.5 or above use Kentor Authentication Services.
For .NET Framework 4 or below use ComponentSpace SAML 2.0. (Paid software, licenses start at $299)
High level guidance on adding SAML support to an existing application is available here: http://developer.okta.com/docs/guides/saml_guidance.html
I developed a web system using ASP.NET MVC 4 and I must perform an integration using .NET Web API and Windows Forms Application.
So far everything has been fine, but now I need to authenticate the users using Windows Forms Application and this application will be open on the internet.
My application already contains users that are registered in the database and currently are authenticated using the component 'Authorize' of ASP.NET MVC.
For data consumption through the client (Windows Forms Application) currently I use the library Microsoft ASP.NET Web Client API.
How can I accomplish this task safely?
Does anyone have any suggestions?
You can extend the HttpClient to add authentication. One example can be found here. It shows how to add a HttpMessageHandler into your pipeline for authentication using OAuth.
Here is the complete List of ASP.NET Web API and HttpClient Samples
Take a look at this Q&A which describes creating a custom AuthorizeAttribute for Web API that also authenticates the user using http basic security and grabbing the credentials from the HTTP header. Note that there is a different AuthorizeAttribute for ASP.NET Web API (System.Web.Http.AuthorizeAttribute) as opposed to the one for an MVC controller (System.Web.Mvc.AuthroizeAttribute). They have different behaviors. You do not want a call to a Web API being redirected to a logon page.