Last post Dec 21, 2016 11:08 PM by Taichung
Dec 20, 2016 10:27 PM|Taichung|LINK
Hi, I'm using VS2013, asp.net and C#
I want to create a Web Api project and add it on to a solution. The Change Authentication comes up with several options but under the Organization Account, why I don't see drop down options for On Premise and Multi-Organization? I only see the One-Organization
This web API should only be available for internal and maybe in the future, external partners. To make this simple, would it be secure enough if I make this a Windows Authentication and then each web api call, the caller would need to pass in a user id
and password for the api to work. The web api will also be published as a web site in IIS server with SSL cert installed. Will this be secure enough?
Another quesiton, if the authentication mode is set to Windows Authentication, how does that work? Other application will call my web api, what account will the application be running from that web server? Right now it will be called by a Java web application.
I'm just not clear on how it is Windows authentication when it's an application that's calling.
Dec 21, 2016 10:10 AM|Chris Zhao|LINK
The Change Authentication comes up with several options but under the Organization Account, why I don't see drop down options for On Premise and Multi-Organization? I only see the One-Organization option
Select "MVC" in the subtemplate screen, then hit "Change Authentication".
Select Organizational Accounts from the options on the left, then click on the top combo box.
if the authentication mode is set to Windows Authentication, how does that work?
If you select Windows Authentication, the application will be configured to use the Windows Authentication IIS module for authentication. The application will display the domain and user ID of the Active directory or local machine account that is logged
into Windows but won't include user registration or log-in UI. This option is intended for Intranet web sites.
This web API should only be available for internal and maybe in the future, external partners.
You can use On-Premises Organizational Authentication to create an Intranet site or an Internet site. For an Internet site, use Active Directory Federation Services (ADFS) to provide access to AD. For more information, see Use
the On-Premises Organizational Authentication Option (ADFS) With ASP.NET in Visual Studio 2013.
Dec 21, 2016 11:08 PM|Taichung|LINK
So I can't use the Web Api template if I want to use On Premise or Multi Org Authentication mode?
If another web application calls my web api then the Windows Authentication will use the Computer account where this calling application reside? So, the calling PC will be authenticated if it's on our company domain?