I have an ASP.NET MVC 5 applicationand I want to add LDAP authentication.
I already have a form page which is a startup page which tell the user to enter his name and password. The form page is redirected after submit to a home page without testing anything.
I don't know now how to verify if the user exists or not using ldap authentication.
Is this MS ActiveDirectory LDAP? If so you will want to take a look at ASP.Net Identity: http://www.asp.net/identity/overview/getting-started/introduction-to-aspnet-identity
Related
What i have already:
Two asp.net web applications with windows based authentication.
What i want now:
I want to create a login page in Angular 6 .
Consider the user click enters credentials and clicked signin on that page.
If the user is valid i should allow them to access asp.net web application which has got windows authentication enabled on it already.
So based on the inputs i should redirect user to the particualr asp.net web applications.
If the login fails i should show some error page.
Is that possible.IF yes how could we achieve it.
Is the ASP.Net website hosted in a different URL?
If so, once the Authentication API responds successfully, you can just bypass Angular's router and use window.location = "http://your.asp.net.website.com". If not, show the error message and prompt for the correct credentials.
I have login via OAuth already set up in ASP.NET MVC 4, using the built-in Individual User Accounts authentication method. Is there a way that I can disable login with a username and password, so that people can only login via one of the OAuth providers?
You can just remove the code in the View that shows the local login form.
We are having one web site which is developed in ASP.NET and VB code base and It has the normal forms authentication with username and password.
One of our client whats to setup the Single Sign On with our web site and they set up ADFS and gave us the Metadata xml file and We have created STS reference to that url and shared our website Metadata for them to add Relying party Trust.
when I access our website it redirecting to customer page and once they enter the login credentials and it's coming back with the Claims which is good.
Problem :
1).Now who ever access our website all user is automatically redirect to client ADFS login page which should not happen.Users should be Prompt with Our login page and it shouldn't automatically re-direct to client ADFS. If user Wants to use the SSO then it should be re-directed to client page ? How to handle that in programmatic ?
2).If one more client also wants to use the SSO with their IDp then how to configure more than one IDP for One web site?
Thanks.
WIF or OWIN?
WIF by default protects all pages.
You could un-protect your login page (location tag) and then if SSO redirect to a dummy protected page which will cause WIF to kick in.
Beware: for older apps. WIF and FBA in the same app. can cause problems.
The classic way to handle 2) is to federate the two ADFS. Then a user will see a Home Realm Discovery screen and get to chose which IDP.
I have a Sharepoint Site(am not the SP expert) where user logs in this is form based authentication model where Username password is stored in a db...now when user clicks on a link i want him to redirect to a MVC3 application. While doing so i want user tobe autmatically signed in to MVC application. What is the best way to implement that.
Thanks
One way is to pass authentication token in the http header from SharePoint to other web application. Then, MVC application should validate the token before accessing the web site.
Here is my problem :
1) I have an ASP.NET website which is the main entry point in the application.
This website uses Forms authentication, which validates credentials (username/password) against a database.
2) Once logged on the website, the user is displayed a page containing several links which point to a Sharepoint 2007 application, where authentication is managed by an Active Directory.
3) Every user in the Active Directory is duplicated in the database managing the ASP.NET website authentication.
4) The ASP.NET website and the SP 2007 application are NOT on the same domain.
The problem we are facing is that the users first have to enter their credentials to access the ASP.NET website. Then, clicking on a link pointing on the SP 2007 application, they're prompted another .htaccess-like window in order to authenticate them against the Active Directory.
The question is :
Is it possible to kind-of pass the credentials the user first entered to access the ASP.NET website in the HTTP context so that when he clicks on a link pointing to SP 2007, he's not asked to enter his credentials again ?
I've already successfully validated credentials against an AD, but I'm stuck at where do I have to extend the ASP.NET authentication process so I can inject the SP-related domain credentials into the context.
Hope I was clear, feel free to ask for more information if needed.
And just to be clear, bypassing the first step (ASP.NET website authentication) is mandatory :-)
Thanks everyone,
Mick
Does sharepoint have ntlm or forms based authentication? (I'm guessing ntlm because of the login poup)
I have built something like that with sharepoint forms auth where:
1.User logs into ASP.NET application
2.Auth cookie created
3.Auth token stored in database
4.User goes to sharepoint
5.Custom HttpModule checks cookie and token
6.Logs user into sharepoint using HttpApplication.AuthenticateRequest and FormsAuthenticationTicket
I suppose you could do something similar with ntlm auth but it might not be possible as the browser is doing the authentication. A whole bunch of different headers get sent. (eg WWW-Authenticate Authorization). It must be noted that developing a custom HttpModule is not a novice task.
You said:
3) Every user in the Active Directory is duplicated in the database managing the ASP.NET website authentication.
I hope the passwords are not clear text in that database
And said:
And just to be clear, bypassing the first step (ASP.NET website authentication) is mandatory :-)
Do you mean "is not mandatory"?