I need a way to authenticate users to a DNN site from an external desktop application, in my case a OS X MAC Application.
The Desktop app needs access to Web API service methods on the DNN Site. I think the JSON Web Token (JWT) would work for this, however, we are using DNN 7 and are unable to upgrade at this time. Is there another option to authenticate from outside of the framework? There does not appear to be a DNN API call to even check if a username and password are valid, as everything is strongly tied into .NET Identity. Is there a way to do this?
I want users to login to DNN directly from within a desktop app on MAC.
You could use basic auth with SSL. Here is an answer I gave on how to implement by authorizing web services with basic auth restricted by role.
Basic auth in DNN Web API service
Related
I currently have an MVC 5 App which uses Windows authentication, from the intranet template. I would like to now expose this to internet users and utilize oauth. It seems that many of the files in oauth walkthroughs are missing from my project. Is there a nuget package I can use to refill the missing files that would have been in the "Individual Users" template, or do I really need to create a new project as OAuth and back fill Windows auth into it?
You can't really simultaneously use both Windows Auth and Forms Auth (Individual User Accounts), with or without OAuth. There's hacky ways to invalidate what I just said, but they're just that: hacky. Really, the only real approach is go Forms Auth and then connect to LDAP manually to sort of proxy authentication from the domain to Forms Auth (basically, you'd have to create a local user account that represents a domain account).
Really, if you need to use simultaneous different forms of auth, the safest and easiest bet is to use separate projects and just share as much of the code as you can, with class libraries, Razor Generator for compiling views, etc. You'd of course have to host each project separately, but you could simply use a subdomain (i.e. internal.mysite.com vs www.mysite.com), or if you got your own network DNS server, you can even map internal requests vs external requests to the two different sites using the same domain.
I've got a .Net application running inside a Citrix environment and I need a way to identify the user logged on to the citrix client using forms authentication. Is this possible? I've seen some post regarding a Citrix SDK but not sure if solves my issue...
I'll preface my statements by saying I know next to nothing about ASP.NET and Forms Authentication (which from brief Googling appears to be a way to implement custom auth in ASP.NET).
Any app running a Citrix session will have access to the identity of the user. It will be running as the users' identity already and so you can query the current security principal to see who the current user is. You don't need to use any special Citrix SDKs. It's a common assumption by devs that they need to do special stuff as soon as their app is running under Citrix. However in most cases you can develop your app as-if it were running on the users' local desktop, and just deploy it on a Citrix server instead.
So for a regular .NET desktop app you can use properties like: Environment.UserDomainName and Environment.UserName to get details about the current user. Other stuff of interest is System.Security.Principal.WindowsIdentity, you can use the GetCurrent() static method to get the current users' identity.
Now as I said initially this maybe different for your case as it sounds like forms authentication is some kind of custom auth mechanism, so what I've said may not apply. But hopefully I've given you some useful pointers.
I'm working on a project using ASP.Net MVC5 which also includes a Web API. The API will be for internal use only. I'm using the OWIN library to provider authentication.
I'm having a difficult time figuring out how to correctly implement authentication through the API. I was planning on using OAuth 2.0 but the problem with OAuth is that the user needs to login through a browser page instead of a native login screen. So I was wondering if it is possible to somehow skip the browser.
I've found this example which creates it's own OAuth Authorization Server. But it doesn't show how to make the login native.
If it's a highly trusted client, then you can use the OAuth2 resource owner password flow. You can look at the VS2013 SPA template and/or read on this post:
http://leastprivilege.com/2013/11/13/embedding-a-simple-usernamepassword-authorization-server-in-web-api-v2/
You could use Thinktecture.IdentityServer v2 as a light-weight security token service.
https://github.com/thinktecture/Thinktecture.IdentityServer.v2
You will need to create a WOPI host, which is basically a software solution that can take advantage of the browser-based Office(office web).
Create a custom WOPI host and configure it to use Office Web Apps Server to provide the browser-based file viewing and editing for Office files.
Nice sample on Microsoft MSDN
Mine is a web product (delivered to a browser), being built on ASP.Net (Framework 4.0).
Most customers seek Single Sign On, such that their users should directly logon to the application on its invocation with the Windows or Active Directory login, they're using. Some other customers want the application to accept form based login credentials. So basically my web application should be able to adjust (configured) based on the customer's requirement. Their may be claims based authentication is some stray cases as well. I'd like to know the best way to achieve this in ASP.Net.
.NET open auth is your friend.
http://www.dotnetopenauth.net/
Then, there's active directory/LDAP:
http://www.codeproject.com/KB/system/everythingInAD.aspx#35
And your own provider + WinForms should be clear.
Need to develop a Web application that will be used to authenticate and authorize internal and external users to log and then re-route to web applications for the organization. The login application should be able to provider smooth integration with any future applications that needs a secured authentication.
Should I be using WIF - Claims based Identity/ADFS or asp.net Role membership provider to develop this app.? Or is there any other approach which will help achieve this?
I've been working on an asp.net site with WIF for several months now. I like that WIF is very flexible, but the documentation is poor. Check out the discussions on SO about WIF.