We run multiple apps to provide services to our members at our organization
1. DotNetNuke as CMS
2. Classic ASP custom app for membership management and event management
3. ASP.NET app for providing online learning
4. Wordpress blog
Can somebody please suggest a way to enable Single Sign On in this kind of an environment.
I am looking for a solution which would enable adding any kind of application easily to the SSO in the future.
We host most of the apps, but there are some being hosted outside our environment as well.
All members are customers in different locations.
THanks
You could use Live ID:
Windows Live ID with dotnetnuke:
http://www.datasprings.com/Resources/ArticlesInformation/DotNetNukewWindowsLiveAuthentication/tabid/828/language/en-US/Default.aspx
Windows Live ID with wordpress:
http://social.msdn.microsoft.com/forums/en-US/wliddev/thread/a34d1585-e602-4519-858c-0bb5ae02856d/
You could also use Open ID, the same as stackoverflow.
Live ID will be compatible with Open ID:
http://winliveid.spaces.live.com/
Have not been able to find a reference to use of Live ID with classic ASP.
You can use Windows Live ID to identify people with it.
Related
I have a basic website created using VB.NET. I need to add authentication and, as we use Azure Active Directory, I thought I could connect it to that.
All I need to do is be able to have the username of the current user, so I can then turn on or off buttons etc depending who they are.
All the examples I can find are for ASP.NET Web applications.
How do I add to a standard site?
Thanks
Gareth
I have a legacy Asp.Net Web forms app which I'm migrating to .net 5. I'm trying to migrate this piece by piece. I'm using Microsoft YARP as reverse proxy - https://github.com/microsoft/reverse-proxy which helps to retarget URLs of old application to new application without users knowing it. So this first part is done.
But now I'm facing issues where users are finding critical issues in new app and this is becoming hard to handle. So I was thinking to implement a link/button on the pages which will allow users to use legacy or new app as needed. I have seen many websites which allow to switch between classic and new version of their websites. But not sure, how should I approach this with YARP. As I see YARP configuration gets applied to all users and it is kind of static. It can be reloaded, though. In my case, User-A may want to use a page from legacy app and User-B may want to use it from new app.
I read on their site that I can write an middleware to handle custom logic but not sure how to approach this. Any guidance will be more than helpful.
You can use the migration assistant from Microsoft incremental migration tutorial to auto-setup a YARP reverse proxy.
Don't forget edit on appsettings.json, the property fallBackApp on ReverseProxy section after deploying your .NET Core application .
I have a simple 2-page ASP.NET application that is hosted as a 'azure website'. I want to make this application secure by integrating with my company's ADFS. What is the simplest way to integrate this app with ADFS. I don't want to go through ACS if I don't have to. It looks like it is possible to make the asp.net app talk to adfs directly using WIF.
Can someone confirm if this will work and share any pointers to get this working?
You are spot-on about not considering ACS.
The simplest way is to just let the tooling in Visual Studio 2013 wire it up for you.
Create a new ASP.NET Web Application project and in the new project dialog, click on the Change Authentication button.
Next, select the Organizational Accounts radio button, choose On-Premises in the drop-down, and fill in your On-Premises Authority and App ID URI.
Vittorio blogged about the full experience here if you need more detail.
You will have to substitute in the correct URL's for your Azure Website, but this should get you going in the right direction.
We have many custom built web applications (both external & internal) written in Classic ASP and ASP.NET 2.0 technologies. Internal users can upload files to these websites, which can then be viewed by External Users. In some cases, external users can upload documents as well.
Screenshot #1 gives a brief idea about the existing architecture.
Internal users upload documents to custom web applications. These documents are stored in a folder structure defined under the web application.
Meta data and user permissions like who can access the documents are stored in SQL Server database.
The same set of documents that are being uploaded to custom web applications also exist in SharePoint. However, the custom web applications are unaware of SharePoint. So, users have to download them from SharePoint and then Upload it to the custom web applications. We are currently using SharePoint 2010.
External users can also upload documents to the custom web applications. The meta data and user permissions of the document are saved into database based on the user who is uploading the document.
Screenshot #1:
Screenshot #2 shows the architecture that I am trying to achieve. I have done very little SharePoint development. Mostly, I have used the SharePoint web services to retrieve some list content but nothing more than that. Our future Custom Web Applications might be written using ASP.NET MVC. Please find the questions after the screenshot.
Screenshot #2:
Here are my questions:
I would like to have internal users continue to upload and maintain their documents in SharePoint. User security model is already defined in the SQL Server database. This security permissions should be available in the SharePoint document properties so users can choose who can view the document from the custom web applications. How can I achieve this? Should I have to copy the SQL Server user permissions info to SharePoint?
I believe that SharePoint Web Services or Business Connectivity Services (BCS) can help in retrieving the document and its related info from SharePoint. Which one of these would better suit this scenario?
Custom web app should display only the committed versions of the documents. If a user has checked out a document in SharePoint to make any changes, that checked out version of the document should not be visible to External users. Is that possible?
Has anyone tried this approach? Are there any pitfalls with this model? Are there any performance concerns with this design?
Will this design be of any hindrance if I rewrite our existing applications using ASP.NET MVC?
Is it possible to make use of SharePoint search feature within the custom web application (ASP.NET Web Forms / ASP.NET MVC)? In other words, can I send search criteria from custom web app and have SharePoint do the search and return the results back to custom web app?
I really appreciate your inputs.
Thanks in advance.
Question 1
Hard to say without having more details. So I'm going to assume that you currently use Active Directory for your authentication store. So this means that your SQL Server defines a list of roles and then has assigned memberships to these roles. I'm going to assume that your assigned membership is to AD users or groups. If this is true then I think your on the right path to push your permissions from SQL Server into SharePoint. SharePoint's API will accommodate what you need to do, however SharePoint has no built into mechanism for syncing your permission changes so that means you end up writing a whole lot of plumbing code. I would recommend that you research products that can handle the synchronization for you. Microsoft MIIS (I believe it is called Forefront Identity Management now) offer a set of architecture patterns that you should investigate.
Question 2
SharePoint Web Services or the SharePoint Client Access Services should work fine. I would highly recommend that use a proxy pattern to isolate your application from SharePoint calls (so you can isolate your application from SharePoint upgrades and potential content management server changes).
Question 3
Yes, that is possible. If you are using the publishing features of SharePoint Server (NOT SharePoint Foundation) you will have an easy way of identifying the current published version. Otherwise the service account you query with should be setup so it can only read published versions then SharePoint will automatically trim your query.
Question 4
I have not personally tried this design, but I really like the concept of creating a content management domain and then putting an abstract service layer on top of it. Will you have scale problems, depends on how you configure SharePoint and your applications. You can do it right or wrong. An depth answer between the two cannot be covered here. My one piece of advice is to make sure you plan for caching in your service interfaces (cache, cache, cache).
Question 5
Not if you implement it as a Service Layer. You would just use a repository pattern to call the service and return back entities for your model.
Question 6
Yes, Search is exposed via an API so it can be wrapped in a service layer too.
Good luck and feel free to contact me directly for more in depth discussion.
during web site design stage or when web site is running on production server?
If it's used then it's during design stage to make some settings, create (test) users and roles and mix these two together.
Personally I don't really use it during development for customers as these applications mostly have to integrate with a legacy users database or something else like NAM. For these I simply create custom membership and role providers, plug them in, works.
If you are building an asp.net site from scratch its a very useful tool to expedite your development process.
It can create an authentication system for you that ties directly into the login control available in visual studio.
I find it particularly useful for creating and configuring the .NET Roles and Membership tables.