Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How to implement SSO using Identity Server?

Tags:

I have a number of legacy .NET Framework web apps that use .NET Membership and Forms Authentication. They each have their own login pages but they are all on the same domain (e.g. .mycompany.com), share an ASP.NET Membership database and share a machine key so they are able to recognize each other's cookies to achieve SSO; i.e. if you log into one app then you're logged into them all, same with logging out.

Now I want all future apps to be developed in .NET Core and use a common Identity Server as a centralized authentication mechanism. I have a simple Identity Server up and running as well as a couple different flavors of .NET Core client apps. All this works great. The hurdle I can't seem to get over is SSO among all the mycompany.com apps. Brock Allen recommended here that I take a look at the client samples for inspiration.

The MVC OWIN Client (Implicit) sample gets me most of the way there. I'm able to port my legacy apps over to use OWIN cookie authentication and OIDC, but it's not true SSO. Currently, if I log into app1.thirdparty.com, then I am redirected to identityserver.mycompany.com for authentication. After I login to identityserver.mycompany.com then I gain access to app1.thirdparty.com, which is great, but I also have to do this same process for each of the mycompany.com apps. Granted I don't have to enter my credentials each time because I already have a session established with identityserver.mycompany.com but I still have to go to each app and click the login button before I'm officially logged in. I'd prefer that logging into identityserver.mycompany.com initiate SSO with all of my other apps within the mycompany.com domain. Similarly, if I am already logged in to the mycompany.com apps then I'd like identityserver.mycompany.com to be aware of that and not require me to enter my credentials again.

Is this possible? How would I go about it?

like image 392
Raymond Saltrelli Avatar asked Sep 06 '17 12:09

Raymond Saltrelli

1 Answers

This article had exactly the information I was looking for. Microsoft.Owin.Security.Interop provides the shims you need to get this to work.

like image 85
Raymond Saltrelli Avatar answered Sep 30 '22 15:09

Raymond Saltrelli
Sign in to Comment

Related questions

How to mock only one method of one injected dependency and inject the rest normally?
Colour area above diagonal in the plot as red and below as green in R with ggplot
Running a single docker container on Google Cloud Platform
Connect swift to sql server
How to get furniture models from 3d.io into ARKit
Reuse Services without circular dependencies
Vuejs and vue-socketio: how to pass socket instance to components
VSX? VMX? Altivec? VR? VSR?! How these PowerPC SIMD acronyms relate to each other?
Single Line from file is too big?
Cannot chmod file on Openshift online v3 : Operation not permitted
why app install count is showing less than app uninstall count in Google developer console
Guarantee that std::container::size_type is a std::size_t

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!