Here's the scenario: one of our clients has about 60 applications (and is in the process of creating some new ones), all in the same domain, and he wants to integrate authentication for all. So the basic requirement is to create (setup?) an "authentication
service" that would allow a user to sign on only to the first application. Of course this sounds as an SSO implementation, with the exception that we don't need to worry about multiple domains.
All authentication is for external users, so they don't need to integrate with AD (it's all Forms authentication). They do requiere to use a challenge/response mechanism for authentication, beacuse of a norm they have to compile to.
I've never actually done an implementation of something like this. I've used ASP.NET Identity in the past, but never to "integrate" several applications and share user information amongst them. I've looked into concepts like ADFS, Identity Server, STS, but
I'm not sure on what approach I should take here.
Any suggestions? Is it worth building something from scratch? Thanks a lot for your help.
@carejunto @lechuzadigital Entrenamiento para desarrolladores, en español: http://lechuzadigital.com
Work is for those who can't code.
Don't forget to mark the post as answer if it helped you.
According to your description , As far as I know , you can achieve it by Single Sign on(SSO) . You log in main application , then you can access sub-applications without validate again .
For more details , Check out the following tutorials online:
Participant
1625 Points
487 Posts
Best approach for authentication service
Sep 27, 2016 03:09 PM|hugonne|LINK
Hello all.
Here's the scenario: one of our clients has about 60 applications (and is in the process of creating some new ones), all in the same domain, and he wants to integrate authentication for all. So the basic requirement is to create (setup?) an "authentication service" that would allow a user to sign on only to the first application. Of course this sounds as an SSO implementation, with the exception that we don't need to worry about multiple domains.
All authentication is for external users, so they don't need to integrate with AD (it's all Forms authentication). They do requiere to use a challenge/response mechanism for authentication, beacuse of a norm they have to compile to.
I've never actually done an implementation of something like this. I've used ASP.NET Identity in the past, but never to "integrate" several applications and share user information amongst them. I've looked into concepts like ADFS, Identity Server, STS, but I'm not sure on what approach I should take here.
Any suggestions? Is it worth building something from scratch? Thanks a lot for your help.
Entrenamiento para desarrolladores, en español: http://lechuzadigital.com
Work is for those who can't code.
Don't forget to mark the post as answer if it helped you.
Star
11434 Points
2439 Posts
Microsoft
Re: Best approach for authentication service
Sep 28, 2016 11:46 AM|Yohann Lu|LINK
Hi hugonne,
According to your description , As far as I know , you can achieve it by Single Sign on(SSO) . You log in main application , then you can access sub-applications without validate again .
For more details , Check out the following tutorials online:
Basics of Single Sign on (SSO):
http://www.codeproject.com/Articles/429166/Basics-of-Single-Sign-on-SSO
Best Regards,
Yohann Lu
MSDN Community Support
Please remember to "Mark as Answer" the responses that resolved your issue.