Our application is developed using asp.net and vb.net. It is a SAAS based application and is hosted with Rackspace
We need to implement Single sign on for our SAAS application, so that users of the application, users who will belong other corporate domains e.g domain1\abc.user and domain2\xyz.user can login automatically as long as they are logged on to their domain, as per above example user abc.user shall be automatically logged into to our application as long as he is logged into domain1.
Can you pl let me know it can be implemented
BizTalk Server uses Enterprise SSO which I have used in the past; there's no need to install (or buy, eeeek) BizTalk to use this: -
http://msdn.microsoft.com/en-us/library/ms972971.aspx
Hope that helps
Related
I have created user pool and configured with asp.net core API that communicates with AWS for Login/signup etc.
I have three stand alone applications build in asp.net I want to integrate these application with AWS through that API.
API is working fine that is able to sign in, signup, forgot password, reset password password etc. but how can I maintain the session(identity) in my all three applications and i also want to implement Single Sign On (SSO).
I am using AWS SDK along with libraries:
Amazon.AspNetCore.Identity.Cognito;
Amazon.Extensions.CognitoAuthentication;
are they web apps? if yes, your browser will maintain the session with Amazon Cognito.
Im developing a web app in asp.NET core MVC, which objective is to be deployed to microsoft teams. I need to use Azure AD authentication. Azure authentication cannot be used inside an iframe, but microsoft has an available work around (https://learn.microsoft.com/en-us/microsoftteams/platform/tabs/how-to/authentication/auth-tab-aad) to authenticate users in teams tab, which I was able to implement and retrieve the access token.
My questions are:
-How do I tell to the server that a user is logged in?
-If a user is in browser, is it possible to have both teams tab and browser authentication?
Very thankful for any (really any) help!
there is a Microsoft Teams JavaScript client SDK, which will help you to log in and for server login you need to store user claims.
MS teams tab authentication will work only under MS team apps, not in outside apps
Is it possible to mix authentication types in a C# ASP.NET MVC web application hosted in Azure?
I have an ASP.NET MVC application written in C# that uses ASP.NET Identity as its authentication system.
A customer has asked if they can sign into the application using their Azure Active Directory (SSO using openconnect id).
I can recreate the application using openconnectid and assign their tenant as the AAD directory but users from my company can not log into the application because we do not exist in the customers Azure Active Directory.
We need to be able to log into the application because we perform data entry tasks for them using the web app.
Has anyone come across a similar issue?
Regards,
Graham
You may need to show login screen with 2 possible options. You redirect the user to their respective identity provider , they get authenticated and bring back the access_token/Id_token to access application resources.
Very much like different OpenID connect providers in the same application(FB, Google, Microsoft etc) and regardless of which provider user choose to get authenticated the token is same to access resources.
Scenario:
I have an website developed in angular js and integrated with STS, while logging in I am presented with the STS login and after logging in with valid credentials - I am redirected to the main website. this far it is working cool.
To mention here, I have web api and wcf services which are hosted from within my website only, thus when the authentication is done at login - there is no issue in accessing the services as well (which are also protected by STS)
Finally we need to open SSRS reports from within the application using a report viewer control.
Challenge
The challenge we face here is that - due to the double hop
from STS authenticated Web app -> SSRS(windows authenticated) -> back to Services(STS authenticated)
SSRS fails to access the services. Locally we have made it work by creating a separate web api project which exposes the service links and is without any authentication.
However we need to ensure that the reports can be accessed only by users who carry a valid claim generated by the identity provider.
Is there a way the SSRS can be made to be a RP with a trusted relationship with the STS?
Any help will be highly appreciated :).
We have an ASP.NET web application that we offer as a Service (it's hosted and it's accessible on the Web). We use Forms Authentication and our users have to enter a username/password to connect to our application. Some of our customers ask that we support single sign-on by authenticating users with their own Active Directory.
Our application has a different URL for each customer
www.ourapp.com/client1/
www.ourapp.com/client2/
www.ourapp.com/client3/
and each URL has its own web.config file (where asp.net settings can be specified and can vary for each customer).
What do I have to change in my ASP.NET application to support that?
What do I have to change on my Windows server configuration?
What will the customer have to do on his side to enable that?
Regards,
Check How To: Use Forms Authentication with Active Directory in ASP.NET 2.0 In short, you configure an ActiveDirectoryMembershipProvider to verify each username/password with the customer's AD. The customer must create an AD account for you that is allowed to perform the verification - which may be a problem with some customers. What's more, your code will handle the actual username/password used by users in their internal network, which can be an even bigger problem with customers.
A more secure solution is to use federation (using ADFS) or Claims Authentication using Windows Identity Foundation. In this case you "only" have to set trust relations between your domain and theirs.