I am trying to send a forms authentication cookie from a ASP.NET Core application. I have a ASP.NET Web Forms app that uses Forms Authentication that is being migrated to an ASP.NET Core API/Blazor app.
I am following the migration [guide here][1]
[1]: https://devblogs.microsoft.com/dotnet/incremental-asp-net-migration-tooling-preview-2/
I am trying to proxy the ASP.NET Core authentication call to the Web Forms app, and pass the Forms Authentication cookie to the Web Forms application. I tried using an HttpClient to make a service call within the ASP.NET Core app to the Web Forms, but the header does not include the cookie. Has anyone got this to actually work? If so, how?
Related
I try to SAML with Sustainsys.Saml2. I downloaded and run examples from their Github page. But all examples for ASP.NET MVC.
I develop my site with ASP.Net Web Forms. My site is service provider for SAML. I changed my web config as in the example but I can't redirect my login page to identity provider's login page.
The HttpModule sample is set up in the same way as a Web Forms app should be set up.
I have a .NET Web Forms website running in IIS (using forms authentication).
I've added a .NET Core 2.2 website as a sub application of the Web Forms site.
Is it possible to share authentication from the Web Forms site to the Core site?
I came across this: https://github.com/dazinator/AspNetCore.LegacyAuthCookieCompat
and was able to check for the forms auth cookie from the parent site when a requests hits the core sub application.
Then I could decrypt the forms auth cookie, to get the user info, and authenticate the user on the core site.
Not sure if this is ideal, because you know have to manage 2 cookies, but it seems to work.
I have a solution with an existing web forms website project (NOT web application project). I want to add a new mvc web application to the solution and have web forms site and mvc web app share forms authentication. I followed the article from microsoft but on localhost this does not work. In the solution, if I start both the webforms and mvc sites they have different port numbers for localhost so I authenticate in the webforms web site but the authentication cookie does not get picked up. Is there something obvious I am missing?
Forms Authentication Across Applications
Is it possible share authentication between Asp.NET web applications and silverlight business application?
Scenario:
When uses logged in on either SL application or Asp.NET application using same browser, I want them to used active authentication. I have seen OpenId authentication can do such, But wondering can asp.net authentication is also able to do such.
Yes the authentication infrastructure can be shared between ASP.Net and SilverLight. If both the sites are under one domain, we can implement the standard authentication using ASP.Net Membership and role provider.
You can then use the WCF Authentication Service to and authorize user. This authentication is is good only for any server side functionality. If you want to authorize on client side (SilverLight) application you need to build your own infrastructure. Role and Membership provider data available can help you in that.
You can host your SL application in ASP.NET page and when somebody comes on this page do authentication. For instance, you can use FormAuthentication on the site, so when you are navigating from some page to page with Silverlight - access will be hovered by very FormAuthentication. OpenId you can use if ASP.NET app and Silverlight on different sites (domains), but if the Silverlight app is hosted on asp.net page you can also authenticate using asp.net infrastructure on server side.
I have an Asp.NET 3.5 application with security/authentication. I have a second application (built using GWT and running on Windows Tomcat) running on a different machine.
I need to make the second application available to the user via a link generated from the .NET application. This part is easy, I have constructed the link in the asp.net page and the user can click on it to start working in the GWT/Tomcat session.
My question is this...
How do I set it up so that the Tomcat/GWT application is Only Accessible via the link in my asp.NET application?
I don't want the user to be able to copy the link from my asp.net page and then share that with someone else who is not authenticated within my asp.net application.
Your tomcat application will be passed a cookie that is the .NET authentication token iff the client has logged in to your .net application.
Your tomcat application can get this cookie from the request headers, and compose another request with this cookie to check with your .net server and see if the cookie (token) is valid.