I have an asp.net intranet application where a user is logged into. I would like to authenticate this same user on another asp.net application which is public and in a diffrenent domain.
Is it possible to somehow use his token securely that was created in for the intranet application ? So the user does not have to login again? what to use here, asp.net forms authentication?
thanks
the thing what you want is called CAS.
Related
I have a web application which uses Firebase authentication and in some cases user is redirected to a website (hosting) that uses the same proccess for authentication.
My doubt is: is there a way to use the same user login from app to website? Because now, user has to authenticate twice, on app and website and it's not good for their experience.
Thanks in advance!
This is an idea:
Make that redirect parts a WebView and then pass data from the app to the web view.
Ithe web view uses that data. You can put the user token here and authenticate in that way.
I have an ASP.NET MVC site that runs on www.company.com and has all the user registration and login pages etc. I use Identity 2.0 for user management.
I would like to start migrating the site to an angular application with asp.net core web API on app.company.com
I'm not sure how to manage the user authentication / authorization.
The user would login to www.company.com, and parts of the site will (seamlessly to the user, aside from the URL change) go to app.company.com
How can I have a seamless sign on experience with app.company.com? app.company.com would need to know who the authenticated user is, even though that user authenticated against www.company.com?
I have had the same situation in one of my project. Our solution was to use IdentityServer for SSO. You can configure IdentityServer to use your existing user database.
I need to get current username of user who start silverlight application.
I was able to do it, when I get User.Identity.Name in aspx page and pass it to silverlight app.
But it requires windows authentication, so asks users to sign in with domain user(with same domain as iis server).
Is it possible to get windows username, without asking user to sign in, and get name even if user is in another domain?
It is not possible. You should use windows authentication within your service.
I have a Sharepoint Site(am not the SP expert) where user logs in this is form based authentication model where Username password is stored in a db...now when user clicks on a link i want him to redirect to a MVC3 application. While doing so i want user tobe autmatically signed in to MVC application. What is the best way to implement that.
Thanks
One way is to pass authentication token in the http header from SharePoint to other web application. Then, MVC application should validate the token before accessing the web site.
I have an ASP.NET site on a public web server, where users login using forms authentication.
I would like users within certain organisations to be able to login automatically through Windows authentication (bypassing the login page). However, because these clients are on lots of different servers, I can't just build in Windows security to the main site. (I know there are articles on how to mix Windows and Forms security.)
My idea is for each organisation to install a page onto their intranet which redirects to my website and authenticates the user according to their Windows domain and username. Is this possible to achieve securely? How could I go about doing it?
What you have described is almost federated identity.
As well as a page on each site, you will also need a webservice whch will validate a token.
Essentially the flow is:
User comes to your logon page
you redirect them to their company logon page
their company logon page takes their credentials and redirects back to you returning a token
you then call their webservice to validate the token an determine who the user is.
Many public API's use this scheme (facebook being a notable example).
look up oauth and federated identity for more information.