asp.net mvc and webforms shared authentication - asp.net

I have few websites based on the WebForms and one based on MVC. All websites have the same settings for forms authentication in web config.
The problem is that once logged in to WebForms website, I have to re-login for MVC websites, but when I log out from MVC website, I am automatically logged out from WebForms websites.
How can I pass information to the MVC website that user was successfully logged in when using WebForms.

Try this article. Essentially, you want single sign on. That is the term to google for.
http://www.codeproject.com/KB/aspnet/SingleSignon.aspx

Related

Is there Sustainsys.Saml2 example for ASP.NET Web Forms

I try to SAML with Sustainsys.Saml2. I downloaded and run examples from their Github page. But all examples for ASP.NET MVC.
I develop my site with ASP.Net Web Forms. My site is service provider for SAML. I changed my web config as in the example but I can't redirect my login page to identity provider's login page.
The HttpModule sample is set up in the same way as a Web Forms app should be set up.

How To: Redirect from MVC .NET website to MVC .NET Core subsite without user having to 'relog'

I have a MVC ASP.NET site that uses a database lookup for user authentication and then stores authentication variables in cookies.
I want to redirect the user to a MVC ASP.NET Core subsite without the user losing his authentication variables.
I am not able to share cookies between the two sites due to different encryption-schemes.
Both sites are hosted on the same domain on a windows server (IIS). Is there any way to securely transfer data along with the url redirect?
Is there some obvious solution that i am missing?
Please let me know if you need additional information about the project.
As a temporary solution, the user is promted for a new login once he is redirected to the subsite. I wish to avoid this.
You can not share data from MVC web app to MVC core web app. That is because it is hard to do.
But, there is a way to share the authentication mechanism. You can have an identity provider which will be responsible for authentication of users in both the sites. The login functionality will be in the identity server. Once a user is logged in, both your sites will use those authentication data.

AngularJS ASP .Net MVC login

I have various AngularJS single page applications running in a single ASP .net MVC project.
In one of my AngularJS SPA's I need to create a login page which would show then show another page of information when successfully logged in. The username and passwords are stored in a database.
I am very new to ASP .net and would like some advice on the best way to (using my angular form) login and have some kind of session cookie so the user remains logged in for the duration of their session.
If you build SPA you with high probability use WebAPI. Reccomended way to authenticate API user is slightly different than usual cookie authentification.
To see how it works create a new project. If you have last VS2015 go to file -> New project -> ASP.NET Web Application -> Web API (Authentification: Individual UserAccounts).
If you just return Json(someData) in your MVC contollers and already have authentification it should work fine on tradition cookie authentification.

asp.net forms authentication across applications

I have a solution with an existing web forms website project (NOT web application project). I want to add a new mvc web application to the solution and have web forms site and mvc web app share forms authentication. I followed the article from microsoft but on localhost this does not work. In the solution, if I start both the webforms and mvc sites they have different port numbers for localhost so I authenticate in the webforms web site but the authentication cookie does not get picked up. Is there something obvious I am missing?
Forms Authentication Across Applications

Shared Authentication, Membership & Roles across DNN and ASP.net applications

Here's my situation. I have a DotNetNuke application. I want to link to an existing ASP.net website from within the DNN website, and have decided to use DNN's IFrame for that.
The existing ASP.net application uses Forms Authentication for security - only authorized users can access the pages. This asp.net application also requires user roles for authorization to different pages.
I don't want users to have to sign on twice, and I'd like the asp.net page to use the user membership and role data from the DNN application - it shouldn't require it's own membership database.
Is this possible? According to the MSDN website:
"ASP.NET supports forms authentication in a distributed environment, either across applications on a single server or in a Web farm. When forms authentication is enabled across multiple ASP.NET applications, users are not required to re-authenticate when switching between the applications."
Does this apply to DotNetNuke applications linking to asp.net applications? Both are on the same domain, too.
(I tried modifying the config.web of the asp.net page to work with the DNN config.web, matching machine keys and forms settings - but it didn't work. I could be doing something wrong, but before I pursue, I want to know if it's even possible.)
Thanks for any help!
I don't know if what you're talking about is possible within DNN. We're on DNN 4.0 and they do some weird things with the ASP.NET membership tables which may cause trouble.
What I can tell you is an alternative way (assuming you have control over the ASP.NET application). There is a project called MADAM (Mixed Authentication Disposition ASP.NET Modules - I know a bit of a mouthful) that can be used to provide a method other than forms authentication for application logon.
What you could do is set MADAM up on your ASP.NET application and from DNN pass user credentials to the ASP.NET application. The end result appears to the user as single sign on.
If you need me to elaborate on anything, let me know in the comments.
Actually i am displaying some aspx pages in a iframe module present on a dnn page. Now since inside the iFrame i am displaying aspx pages hosted elsewhere but on same server. I am just want to authenticate the dnn logged-in user before loading the page inside iFrame.
Do dnn provide any API which i can call from apsx pages hosted elsewhere in order to restrict access to ony unauthorized user.

Resources