I'd like try out MVC 6 on a new project, but one of the requirements is using ADFS for authentication. Is this possible yet with MVC6? I tried using Microsoft.Owin.Security.WsFederation in an MVC6 project, but I get the following error:
Failed to resolve the following dependencies for target framework 'Asp.Net,Version=v5.0':
Microsoft.Owin.Security.WsFederation 3.0.0
Does anyone know if there's a ASP5MVC6 compatible package for ADFS auth?
ASP.NET 5 (including ASP.NET MVC 6) does not yet have support for ADFS authentication, but it is in the plans (I work on the ASP.NET team).
Related
So, I have set up IdentityServer 4 in a .NET Core 3.1 project. And I have Web application, also .NET Core 3.1 signing in users through OpenId Connect (oidc). Works perfectly.
But I also have another ASP.NET WebAPI project created in .NET Framework 4.7.2 and I want to let users authenticate to that with a Bearer token created by my IdentityServer 4.
That would work perfectly if that project was also .NET Core. But it's not. It's .NET 4.7.2 and all examples I can find uses .NET Core with "UseIdentityServerAuthentication" which is not available in .NET 4.7.2. Or I find examples using "IdentityServerBearerTokenAuthenticationOptions", but that requires NuGet for IdentityServer 3 and doesn't seem to support Jwt tokens created by IdentityServer 4 (or so I understood - might be incorrect).
Can someone push me in the right direction here? The WebAPI project needs to be .NET Framework 4.7.2, that is a technical requirement.
You are on right track with IdentityServerBearerTokenAuthenticationOptions. you need to use IdentitySever3.AccessTokenValidation on API project.
The issue with IdentityServer4 generated tokens is that their type is at+jwt, but you need JWT on your API, you can easily change the type on IdentityServer like this
var builder = services.AddIdentityServer(
options =>
{
options.AccessTokenJwtType = "JWT";
})
You may have other issues along the way, which I suggest you to read my blog explaining this with IdentityServer4 and .NET 4.5.2 https://nahidfa.com/posts/identityserver4-and-asp-.net-web-api/
You might ask why I would want to use old SignalR in ASP.Net Core. Well, I have an old MVC 4 app that I cannot completely rewrite and want to use it in conjunction with a new ASP.Net Core 3.1 app with the 2 apps potentially communicating via Web API and SignalR. Since ASP.Net SignalR is not compatible with Asp.Net Core SignalR I would need to run ASP.Net SignalR in my ASP.Net Core app. If this is not possible, then I certainly could not write the new app in ASP.Net and not ASP.Net Core. Just trying to understand possibilities.
After a little further work, I don't believe that this is possible
I have some legacy web form ASP.NET Web Application (.NET Framework) which are working with my own custom implemented SSO application.
Now, I want to use IdentityServer 4 instead of my SSO application.
I have seen all the sample codes for IdentintyServer here, but there is no sample application for Web Form.
Just to mention that in my old web form application I didn't use Owin or any other middle-ware.
Is there any sample for that or I should refactor the codes for MVC samples to be used in Web Form?
You can check what brockallen (one of the IdentityServer authors) says in his comment.
In my current solutions, were I have Web Forms client, I use IdentityServer3.AccessTokenValidation and IdentityModel libraries (IdentityModel should be v <2.0). There is no issue, connecting with these libraries to IdentityServer 4 and authenticating.
If you are forced to not use the Owin Middleware, you will have to end up with some custom implementation and calls to the IdentityServer endpoints etc. But if there is no stopper for you using it - this will be your preferred way.
I am a bit confused as to why there is no Individual User Accounts authentication option in the latest ASP.NET Core Web API template.
Is it still possible to implement individual user accounts the way that the MVC template does or would it not make sense?
Let's say I am creating a stand-alone web API that is going to have all of my business logic and data layer that accesses the database which has the AspNet Identity tables. I plan on making calls to this API w/ an MVC app.
I know one way of doing this is to create an asp.net MVC app w/ individual user accounts auth and simply build the API right within the MVC app using a controllers/api folder. However, I don't want to do it this way because I want the API to be its own standalone project that can be hosted on a completely different server and accessed by multiple applications, not just an MVC app.
Can someone lead me in the right direction on how authentication typically works in this scenario since there is no template?
Individual User Accounts authentication option for the ASP.NET Core Web API is available in .NET Core 2.0 Preview 1.
Unfortunately .NET Core 2.0 Preview 1 isn't available in VS 2017 release.
But you can install Visual Studio 2017 Preview (you can use it side-by-side with VS 2017 stable version) :
I think you can use IdentityServer4 which allows implementing single sign-on and access control for ASP .NET Core Web APIs using protocols like OpenID Connect and OAuth2. It offers integration with ASP.NET Core Identity and Entity Framework Core.
You will need to install to the following nuget package:
Install-Package IdentityServer4
and add the IdentityServer middleware to the HTTP pipeline:
app.UseIdentityServer();
You can find several quick start samples here or follow this article.
How can i use the forms authentication found in asp.net mvc 3/4 in mvc 5 ?
I have an mvc 4 app that i want to hook up with admin dashboard in mvc 5 and eventually convert the main app to mvc 5 but i want to keep the authentication AS IS or convert it somehow to the new auth method.
I searched for a while but all i found was on how to use the new OWIN authentication ( imo ms` version of dotnetopenauth). If you guys know a link with useful info or can answer me here, please do so.
Thanks!
I was able to get both, OWIN and Forms, to work together by doing this: MVC 5 External authentication with authentication mode=Forms