Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

C# ASP.NET Single Sign-On Implementation

Tags:

c#

asp.net

single-sign-on

I am tasked with implementing single sign-on for our customers as part of our next release. The flow exists as follows:

  1. User logs into their school's main portal system using a student id/password provided to him/her by the school.
  2. User clicks the link to my company's product.
  3. User is automatically taken to the dashboard page as if they had just logged in through the login form on our site.

Thus, there are two mechanisms by which a user can be authenticated into our site:

  1. Coming to our product's home page, and logging in using the email/password that we store in our local system.
  2. Using the single sign-on where the student has already logged into the school's main system with a student id and password.

If our product's implementation is in ASP.NET (as opposed to Java/Ruby), should we be using CAS, JOSSO, or some other third party single sign-on product? Or is there something available to a .NET environment which would be simpler for us as a .NET company?

like image 661
Adam Levitt Avatar asked Jan 13 '13 22:01

Adam Levitt

People also ask

What C is used for?

C programming language is a machine-independent programming language that is mainly used to create many types of applications and operating systems such as Windows, and other complicated programs such as the Oracle database, Git, Python interpreter, and games and is considered a programming foundation in the process of ...

Is C language easy?

C is a general-purpose language that most programmers learn before moving on to more complex languages. From Unix and Windows to Tic Tac Toe and Photoshop, several of the most commonly used applications today have been built on C. It is easy to learn because: A simple syntax with only 32 keywords.

What is the full name of C?

In the real sense it has no meaning or full form. It was developed by Dennis Ritchie and Ken Thompson at AT&T bell Lab. First, they used to call it as B language then later they made some improvement into it and renamed it as C and its superscript as C++ which was invented by Dr. Stroustroupe.

Is C programming hard?

C is more difficult to learn than JavaScript, but it's a valuable skill to have because most programming languages are actually implemented in C. This is because C is a “machine-level” language. So learning it will teach you how a computer works and will actually make learning new languages in the future easier.

2 Answers

There are multiple options to implement SSO for a .NET application.

Check out the following tutorials online:

Basics of Single Sign on, July 2012

http://www.codeproject.com/Articles/429166/Basics-of-Single-Sign-on-SSO

GaryMcAllisterOnline: ASP.NET MVC 4, ADFS 2.0 and 3rd party STS integration (IdentityServer2), Jan 2013

http://garymcallisteronline.blogspot.com/2013/01/aspnet-mvc-4-adfs-20-and-3rd-party-sts.html

The first one uses ASP.NET Web Forms, while the second one uses ASP.NET MVC4.

If your requirements allow you to use a third-party solution, also consider OpenID. There's an open source library called DotNetOpenAuth.

For further information, read MSDN blog post Integrate OpenAuth/OpenID with your existing ASP.NET application using Universal Providers.

Hope this helps!

like image 58
Shahed C - MSFT Avatar answered Oct 12 '22 04:10

Shahed C - MSFT

I am late to the party, but for option #1, I would go with IdentityServer3(.NET 4.6 or below) or IdentityServer4 (compatible with Core) .

You can reuse your existing user store in your app and plug that to be IdentityServer's User Store. Then the clients must be pointed to your IdentityServer as the open id provider.

like image 24
Evdzhan Mustafa Avatar answered Oct 12 '22 04:10

Evdzhan Mustafa
Sign in to Comment

Related questions

Controlling execution order of unit tests in Visual Studio
Resharper's example code for explaining "Possible multiple enumeration of IEnumerable"
swagger-ui returns 500 after deployment
How to get a char from an ASCII Character Code in C#
Show a child form in the centre of Parent form in C#
System.Collections.Generic.List does not contain a definition for 'Select' [duplicate]
How to install a windows service programmatically in C#?
Directory.GetFiles: how to get only filename, not full path? [duplicate]
Which passwordchar shows a black dot (•) in a winforms textbox?
How can I convert a class into Dictionary<string,string>?
Matching strings with wildcard
Using Linq to return a Comma separated string
Remove HTML tags from string including &nbsp in C#
GET and POST methods with the same Action name in the same Controller [duplicate]
moq objects Returns method, should return a null object
How to know if a DateTime is between a DateRange in C#
Stored Procedures and updating EDMX
Why are operators so much slower than method calls? (structs are slower only on older JITs)
Do short-circuiting operators || and && exist for nullable booleans? The RuntimeBinder sometimes thinks so
What is the best choice for .NET inter-process communication? [closed]

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!