I am relatively new to asp.net so sorry if the question sounds silly.
I have to build an Asp.net web application able to login on a OpenId custom server (i.e. not included in the DotNetOpenAuth library). I am using vs2010 and .net framework 4.0.
After many searches I found these posts where it is explained.
http://blogs.msdn.com/b/webdev/archive/2012/08/23/plugging-custom-oauth-openid-providers.aspx
How to use OpenID providers with unique identifier URLs in ASP.NET MVC4
http://blogs.msdn.com/b/webdev/archive/2012/08/15/oauth-openid-support-for-webforms-mvc-and-webpages.aspx
All of them refer to MVC and to a directory/file called /App_Start/AuthConfig.cs where you have to register your new provider in order to be able to use the client that comes built-in with the library.
From other searching I have understood this directory is not available in Asp.net web application.
Does exist a way/workaround for achieving the same results in Asp.net web application?
Do you have any suggestion/link on how to implements such custom client in my server?
Thank you
stmod
thanks for your help.
After your comment I was back to the provider for asking clarification, but so far, they cannot help me more than providing that link.
So I tried to manage it working in Java and I did it using openid4java library and the following code:
URL u = new URL("https://logint2.idm.toon.sul.t-online.de/gcp-web/login/10000112/");
Identifier i = new MyIdentifier();
*//myIdentifier is my implementation of interface openid4java.discovery.Identifier and returns* "http://specs.openid.net/auth/2.0/identifier_select"
DiscoveryInformation discovered = new DiscoveryInformation(u,i);
AuthRequest authReq = manager.authenticate(discovered, returnToUrl);
With this code (and others for managing the response) I have it working.
I am trying now to apply the same to my dot.net solution.
Can you help me in writing the code for having the DotnethOpenauth working with this endpoint?
I think I have to override the Identifier class as I did in Java, but I am stuck.
Thanks stmod
Adding OpenID Relying Party support to your ASP.NET web application is actually quite easy, and does not require an AuthConfig.cs file. If you are using web forms, the easiest way to go is just drop an OpenIdLogin control onto your web form. If you are using MVC, it's just a few lines of code to write, and you can check out the OpenIdRelyingPartyMvc sample that is included in the dotnetopenauth .zip download from SourceForge to see how it can be done.
Related
I have a legacy Asp.Net Web forms app which I'm migrating to .net 5. I'm trying to migrate this piece by piece. I'm using Microsoft YARP as reverse proxy - https://github.com/microsoft/reverse-proxy which helps to retarget URLs of old application to new application without users knowing it. So this first part is done.
But now I'm facing issues where users are finding critical issues in new app and this is becoming hard to handle. So I was thinking to implement a link/button on the pages which will allow users to use legacy or new app as needed. I have seen many websites which allow to switch between classic and new version of their websites. But not sure, how should I approach this with YARP. As I see YARP configuration gets applied to all users and it is kind of static. It can be reloaded, though. In my case, User-A may want to use a page from legacy app and User-B may want to use it from new app.
I read on their site that I can write an middleware to handle custom logic but not sure how to approach this. Any guidance will be more than helpful.
You can use the migration assistant from Microsoft incremental migration tutorial to auto-setup a YARP reverse proxy.
Don't forget edit on appsettings.json, the property fallBackApp on ReverseProxy section after deploying your .NET Core application .
I have two applications, one in asp.net and the other in asp.net core. I want to share a common database, as well as the same login. Ie, a user can register via asp.net application, and then their identity will be shared with asp.net core application.
Is this possible? I notice that each have their own identity models, and I am looking for a way of sharing this, ie. some documentation to resolve this.
Looking for:
- Is this possible?
- Documentation and more information on implementation (how to)
I am resolving by use of Identity Server, which both applications will hook into. Will just take a bit of re-jigging.
Im making an application in MVC 5, and I've commented out all the code in Startup.Auth.cs and Startup.cs because I felt that I dont need them and Visual Studio seems to be ok with it. Im thinking about deleting them completely but I just want to make sure that they aren't necessary.
Thanks
Looks like you don't need any authentication in your application and in that case you can get rid of those files. Those are added part of your creating the MVC application. Yes, Startup.Auth.cs comes to support OWIN authentication. While creating the application, by default Individual User Account will be selected and hence you get those files. if you want no authentication then while creating new project under Configure Authentication button select No Authentication
They are used by SignalR and OAuth as classes to attach their implementations to the request pipeline through OWIN. If you are not using with of these, then you should be OK, as far as I am aware.
I want to develop a Single-Sign-On(SSO) or centralized authentication server (CAS) project for SSO between asp.net, php and java.
Is there any Single-Sign-On(SSO) or centralized authentication server (CAS) open source project using asp.net c# ?
If you're looking for something simple, you might consider an OpenID implementation. Since it's all HTTP request based authentication, ASP.NET, PHP and Java will have no problems working and you won't have to worry about creating and maintaining the credentials store, as that's all handled for you.
You can write the code yourself (check out openid.net) or you can use something like rpxnow.com, which is a 'wrapper service', to help you get started.
Hope this helps
I'm currently working on an application that will likely be deployed amongst various organizations within my current workplace. I need to develop a testable and properly designed authentication framework so that for each implementation folks can choose to use either Windows Authentication, Forms Authentication, a home-grown Single-SignOn system OR OpenID.
So given ASP.NET MVC (and in particular I'm using the S#arp Architecture framework) how should I go about doing this?
Ideally it would be nice if folks can simply make changes to the web.config file in each case.
Thanks
ASP .NET MVC supports ASP .NET membership provider, making it easier for you to handle Windows/Forms Authentication without any hassle. As long as you specify the required information on the web.config. The default site comes with an example.
For other options of implementation, Kigg has an OpenID implementation which also includes the unit testing code.
I guess that after learning how those work you'll find a way to include your "home-grown Single-SignOn" authentication framework :P
Update:
In order to use the membership provider using your own users table, you must implement a custom provider. The configuration through the web.config will be available anyways, but you'll need to create a class which implements the MembershipProvider abstract class.
Here's a link to a video and some source code explaining how to achieve this.