Last post Mar 27, 2014 03:06 AM by Fletch76
Mar 26, 2014 10:09 AM|Fletch76|LINK
own username/password accounts as they can do with the ASP.NET Web API implementation of ASP.NET Identity using AccountController.
Question 1) Can/Should I do this?
Question 2) How do I do this?
My first thought was to just copy the appropriate classes (AccountController, Startup.Auth, ApplicationOAuthProvider, etc) from a template ASP.NET MVC WebApi project and add a reference to Microsoft.AspNet.Identity.EntityFramework and System.Web.MVC but
I don't know what impact this would have. If it worked would I have just taken control of the Authentication logic with the portal "Identity" no longer having any effect?
The other option is to simply start with a Web Api project and add the Mobile Services functionality to that instead (Although I couldn't see how to create a Web Api project without MVC but that is a different question).
Thanks for any help.
Mar 27, 2014 02:37 AM|Michelle Ge - MSFT|LINK
According to your description, you want to use windows azure portal and common Identity Providers. Please refer to delegate your entire authentication and authorization system to ACS.
There is an artical about Azure Acs plus asp.net MVC memberships, the “website ACS signin page” is the url you tell ACS to send the user to after they have been successfully authenticated. This is the place where I check the identity claim against the database
and sign in the appropriate user. It is also possible to add a new user signup to the association process.
Please refer to the link below:
If you have any Azure question, please refer to Azure forum:
Hope it's useful for you.
Mar 27, 2014 03:06 AM|Fletch76|LINK
Thank you for your response. I have used ACS to handle the authentication for a mobile app on a previous project but Azure Mobile Services uses a different model and is not set up to work with ACS. Like you say with ACS you let it worry about the different
identity providers and just passes back a claims bases authentication token to the service. However with Mobile Services it is aware of the identity providers and you have to tell it about the secret keys you generate directly. You can do this through the
Mobile Services Identity tab on the windows azure platform. This is shown in step 4 in the documentation:
In fact this process is one of the advantages of Mobile Services, you don't have to write any code to parse the ACS token it just works out of the box. My question is can you extend this to also allow the user to create their own username and password by
adding ASP.NET Identity to the project. However the more I look at it the more I think it is not the correct approach and I would be better of using a ASP.NET Web Api project. As it happens this also avoids using ACS but this time you give it the secret kets
Maybe you are right and this is a better question for the Azure forum.