single sign on for asp.net and sharepoint 2010 - asp.net

I have an asp.net application which signs users in manually. The custom authentication procedure checks several data sources and finally sets a forms authentication ticket for the user, if he is successfully authenticated.
I want to share this ticket with sharepoint 2010. I will not be signing in through sharepoint, so there is no need for authentication procedure to caried out on the sharepoint side.
I have tried using claims-based authentication on the sharepoint side, but don't really know how to set it up, since I do the authentication manually on the asp.net application.

I endded up going with STS. Works very well. There is an MS devkit that has some templates for VS2010 that get you going very quickly.

Related

ASP.NET VB Web app using azure authentication

I have a basic website created using VB.NET. I need to add authentication and, as we use Azure Active Directory, I thought I could connect it to that.
All I need to do is be able to have the username of the current user, so I can then turn on or off buttons etc depending who they are.
All the examples I can find are for ASP.NET Web applications.
How do I add to a standard site?
Thanks
Gareth

ASP.NET .NET Framework 1.0 and Authentication

I have an older ASP.NET (.NET 1.0) web application that is using Windows authentication. We want to remove the Windows authentication since the AD server for this particular web application needs to be decommission. We want to keep some type of authentication for this older web-application. I am thinking this leaves us with Forms and Passport authentication modes (but not sure of support in a .NET 1.0). I am trying to avoid a major rewrite since the web-application is not being used much anymore (only being used by one user). Any idea of a quick and simple solution to remove Windows authentication to something else for authentication?
If the domain controller is to be decommissioned I take it the entire office will reverted back to a domain-less workgroup environment. I also take it all workstations will be configured to leave the domain prior to destroying the domain controller once and for all.
Since it's only down to one user for a web application that has little value in enhancement, you may be able to get away by creating the very same user account with the same password on the web server. That way when s/he accesses the web app on that server, the Windows authentication mechanism will attempt to negotiate as SERVER\username in the local SAM store instead of relying on the previous DOMAIN\username account.

SSO for sharepoint 2010 and asp.net app using adfs

I was tasked with creating an SSO solution from an existing asp.net app to a new sharepoint 2010 app.
The existing asp.net app uses forms authentication, but not against a single data source. It checks a database, active directory and a few mainframe tables to authenticate, and finally creates a forms authentication ticket.
I was looking to share the token between sp2010 and the asp.net app, but I am now realizing this is not possible, due to the fact the sp2010 does not use simple FBA tokens any more.
So now I am looking to go the STS and claims-based route. After looking in to it a little, I understand that using ADFS would be much better than building a custom STS for the asp.net side. My issue is that since I have the custom ticket creation authentication method on the asp.net side, I don't have a single data source to "feed" the adfs. I am new to sharepoint and adfs and I really don't know how to begin this type of integration.
Can anyone help me get my head around this?
Thank you!
ADFS attribute stores might solve your problem, although for this to make sense you would ideally integrate Windows Identity Foundation (WIF) into your application, which might be an intrusive change.
http://technet.microsoft.com/en-us/library/adfs2-help-attribute-stores(v=ws.10).aspx
In short, ADFS is not limited to AD for collecting user data. You can configure it to query other user attribute stores, such as your database. You can then author rules within ADFS to tell it what queries to make, and ADFS will use these queries to populate user claims into the token that ADFS issues to your application.

Offering all authentication mechanisms in an ASP.Net web application

Mine is a web product (delivered to a browser), being built on ASP.Net (Framework 4.0).
Most customers seek Single Sign On, such that their users should directly logon to the application on its invocation with the Windows or Active Directory login, they're using. Some other customers want the application to accept form based login credentials. So basically my web application should be able to adjust (configured) based on the customer's requirement. Their may be claims based authentication is some stray cases as well. I'd like to know the best way to achieve this in ASP.Net.
.NET open auth is your friend.
http://www.dotnetopenauth.net/
Then, there's active directory/LDAP:
http://www.codeproject.com/KB/system/everythingInAD.aspx#35
And your own provider + WinForms should be clear.

Is it possible to share an existing asp.net applications membership database with sharepoint 2010's, when using Forms based authentication

I am trying to integrate an existing asp.net application with sharepoint 2010. I would like to be able to have a logged in user on the application access a document library via an Iframe on the sharepoint 2010 site. I want to use FBA on sharepoint. Is it possible to share the membership database from the asp.net application with sharepoint? If not, what would be the best way to accomplish this?
The databases are identical so there is no reason you can't point the SharePoint FBA connection string to your existing database. However, I doubt the user will be transparently logged in.

Resources