I'm attempting to implement a web app using a microservice architecture by breaking up major components into separate web servers. I'm implementing an authentication server using ASP.NET Identity (email/username logins only, no Facebook, etc.) and a "main" application server.
My current challenge is figuring out how the application server will recognize if a user has logged in via the authentication server. Since the authentication server generates tokens which it uses to verify users' identities, I imagine that they are stored somewhere and can be queried by the application server, but I'm not sure how to go about doing this. Ideally, my application server's WebAPI endpoints will be able to use the [Authorize] annotation.
Q: How can one server control access via a separate authentication server using ASP.NET Identity?
ASP.NET comes with built-in support for developing and deploying your microservices using Docker containers. .NET includes APIs to easily consume microservices from any application you build, including mobile, desktop, games, web, and more.
Monolithic vs Microservices Architecture: Microservices is an approach to creating small services, each running in its own space and communicating via messaging. These are independent services, each directly calling its own database. Following is the diagrammatic representation of microservices architecture.
An API Gateway decouples the service producer from its consumer, providing a security layer since you need not expose your microservices directly. As soon as it receives a request, it breaks it into multiple requests (if needed) and then routes them to the appropriate downstream microservice.
Microservices is just a set of architectural principles. It doesn't depend on the language that is used to implement these principles. A microservice in ASP.NET (.NET Framework) could be implemented using ASP.NET Web API, using HttpClient to initiate requests to it.
I've done something similar by doing the following (using cookie authentication):
1 - set the cookie domain to be the TLD across all websites
My Startup.Auth.cs looks like this:

    app.UseCookieAuthentication(new CookieAuthenticationOptions
    {
        AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
        LoginPath = new PathString("/Account/Login"),
        Provider = new CookieAuthenticationProvider
        {
            OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<ApplicationUserManager, ApplicationUser>(
                validateInterval: TimeSpan.FromMinutes(30),
                regenerateIdentity: (manager, user) => {
                    var identity = manager.CreateIdentity(user, DefaultAuthenticationTypes.ApplicationCookie);
                    //some additional claims and stuff specific to my needs
                    return Task.FromResult(identity);
                })
        },
        CookieDomain = ".example.com"
    });

2 - update the web.config of all websites to use the same <machineKey />
Mine looks like this:

    <machineKey
        decryption="Auto"
        decryptionKey="my_key"
        validation="HMACSHA512"
        validationKey="my_other_key" />

Now I can perform login operations on, say, account.example.com, and redirect the user to site1.example.com and they will be seen as authenticated.
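
The application-server side of the setup described in this answer, as an added example that is not part of the original post: a site such as site1.example.com only needs cookie middleware configured to read the shared cookie, after which [Authorize] works on its Web API controllers. It assumes IIS hosting through Microsoft.Owin.Host.SystemWeb (so tickets are protected with the shared machineKey) and the Web API OWIN package; `Site1` and `ProfileController` are hypothetical names.

```csharp
using System.Web.Http;
using Microsoft.AspNet.Identity;
using Microsoft.Owin;
using Microsoft.Owin.Security.Cookies;
using Owin;

[assembly: OwinStartup(typeof(Site1.Startup))]

namespace Site1 // hypothetical application-server project
{
    public class Startup
    {
        public void Configuration(IAppBuilder app)
        {
            // AuthenticationType must match the authentication server: it sets the
            // default cookie name and is part of the ticket's data-protection purpose.
            app.UseCookieAuthentication(new CookieAuthenticationOptions
            {
                AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
                CookieDomain = ".example.com",
                CookieHttpOnly = true,                     // keep the ticket away from page scripts
                CookieSecure = CookieSecureOption.Always   // never send the ticket over plain HTTP
                // No LoginPath: unauthenticated API calls get a 401 instead of a redirect.
                // No OnValidateIdentity: this site does not re-check the security stamp,
                // so a ticket is accepted here until it expires.
            });

            var config = new HttpConfiguration();
            config.MapHttpAttributeRoutes();
            app.UseWebApi(config);
        }
    }

    [Authorize] // satisfied by the identity restored from the shared cookie
    [RoutePrefix("api/profile")]
    public class ProfileController : ApiController
    {
        [HttpGet, Route("")]
        public IHttpActionResult Get()
        {
            return Ok(new { name = User.Identity.Name });
        }
    }
}
```

With CookieDomain set to ".example.com", the browser sends the ticket to every host under that domain, and any site holding the same machineKey values can both read and issue tickets, so the keys should be randomly generated and stored as secrets.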