@manhng

Welcome to my blog!

Keycloak and SSO in ASP.NET MVC 5 + ASP.NET Core MVC

October 30, 2019 11:58

Keycloak and SSO in ASP.NET MVC 5 (edit)

https://github.com/dylanplecki/KeycloakOwinAuthentication/wiki/ASP.NET-MVC-Tutorial

Keycloak and SSO in ASP.NET Core

https://medium.com/@xavier.hahn/adding-authorization-to-asp-net-core-app-using-keycloak-c6c96ee0e655

An example single page asp.net core application that uses Angular and Keycloak as identity provider.

https://github.com/Gimly/SampleNetCoreAngularKeycloak

ASP.NET Web API 2

https://github.com/SoftUni/SPA-with-AngularJS/tree/master/Ads-REST-Services

https://nakov.com/blog/2014/12/22/webapi-owin-identity-custom-login-service/

https://www.red-gate.com/simple-talk/dotnet/asp-net/introducing-single-sign-on-to-an-existing-asp-net-mvc-application/

https://dzone.com/articles/learn-how-to-secure-your-aspnet-mvc-app-with-sso

https://docs.microsoft.com/en-us/aspnet/web-api/overview/security/individual-accounts-in-web-api

https://www.codeproject.com/Articles/1183150/Securing-ASP-NET-Web-API-using-Custom-Token-Based

Keycloak - Server Application Guide

https://scalac.io/user-authentication-keycloak-1/

https://www.keycloak.org/docs/7.0/server_admin/

Xác thực tiếng Việt

https://medium.com/@hoantv1506/h%C6%B0%E1%BB%9Bng-d%E1%BA%ABn-oauth2-v%C3%A0-x%C3%A2y-d%E1%BB%B1ng-m%E1%BB%99t-authorization-server-c%C6%A1-b%E1%BA%A3n-cho-ng%C6%B0%E1%BB%9Di-m%E1%BB%9Bi-b%E1%BA%AFt-%C4%91%E1%BA%A7u-9177c2807a64

SSO in ASP.NET

https://www.codeproject.com/Articles/106439/Single-Sign-On-SSO-for-cross-domain-ASP-NET-applic

https://www.codeproject.com/Articles/114484/Single-Sign-On-SSO-for-cross-domain-ASP-NET-appl-2

https://www.codeproject.com/articles/1140228/implementation-of-single-sign-on-sso-in-asp-net-mv

https://www.scoop.it/topic/net-coding

https://silverhair2010.wordpress.com/2012/11/21/single-sign-on-sso-for-cross-domain-asp-net-applications-refer/

https://sudoman1012.wordpress.com/2015/02/11/dev-tip-single-sign-on-sso-for-cross-domain-asp-net-applications/

Hi nageshrgosul,

According to your description, as far as I know, you want to implement cross domain SSO,

Single Sign On (SSO) for cross-domain ASP.NET applications: Part-I - The design blue print:

https://www.codeproject.com/Articles/106439/Single-Sign-On-SSO-for-cross-domain-ASP-NET-applic 

Single Sign On (SSO) for cross-domain ASP.NET applications: Part-II - The implementation:

https://www.codeproject.com/Articles/114484/Single-Sign-On-SSO-for-cross-domain-ASP-NET-appl 

Introducing Single Sign-on to an existing ASP.NET MVC application:

https://www.red-gate.com/simple-talk/dotnet/asp-net/introducing-single-sign-on-to-an-existing-asp-net-mvc-application/ 

Best Regards,

Eric Du

SSO in .NET Core

https://docs.microsoft.com/en-us/aspnet/core/security/authentication/community?view=aspnetcore-2.0

  • AspNet.Security.OpenIdConnect.Server (ASOS)
  • Gluu Server
  • IdentityServer
  • OpenIddict

https://docs.microsoft.com/en-us/aspnet/core/security/authentication/identity?view=aspnetcore-3.1&tabs=visual-studio

IdentityServer4 is an OpenID Connect and OAuth 2.0 framework for ASP.NET Core. IdentityServer4 enables the following security features:

  • Authentication as a Service (AaaS)
  • Single sign-on/off (SSO) over multiple application types
  • Access control for APIs
  • Federation Gateway

https://forums.asp.net/t/2098726.aspx?How+can+i+do+a+Single+Sign+On+Step+by+step+Asp+net+MVC+5+Authentication+

http://forums.asp.net/t/1335297.aspx?how+to+implement+single+sign+on+in+c+net

http://arunendapally.com/post/implementation-of-single-sign-on-(sso)-in-asp.net-mvc

http://www.codeproject.com/Articles/429166/Basics-of-Single-Sign-on-SSO

https://msdn.microsoft.com/en-us/library/ms972971.aspx

SSO:

https://www.learmoreseekmore.com/2019/09/part-1-share-authentication-cookie-sso.html (Show Code)

https://www.miniorange.com/asp.net-single-sign-on-(sso) (Show Code)

https://www.objectivity.co.uk/blog/introducing-sso-single-sign-existing-asp-net-mvc-application/

https://developers.onelogin.com/ (Chargeable)

SSO:

https://stackoverflow.com/questions/14309090/c-sharp-asp-net-single-sign-on-implementation

There are multiple options to implement SSO for a .NET application.

Check out the following tutorials online:

Basics of Single Sign on, July 2012

http://www.codeproject.com/Articles/429166/Basics-of-Single-Sign-on-SSO

GaryMcAllisterOnline: ASP.NET MVC 4, ADFS 2.0 and 3rd party STS integration (IdentityServer2), Jan 2013

http://garymcallisteronline.blogspot.com/2013/01/aspnet-mvc-4-adfs-20-and-3rd-party-sts.html

The first one uses ASP.NET Web Forms, while the second one uses ASP.NET MVC4.

If your requirements allow you to use a third-party solution, also consider OpenID. There's an open source library called DotNetOpenAuth.

For further information, read MSDN blog post Integrate OpenAuth/OpenID with your existing ASP.NET application using Universal Providers.

Hope this helps!

SSO:

Single Sign On (SSO) for cross-domain ASP.NET applications: Part-II - The implementation

Original source ccan be located at http://www.codeproject.com/Articles/114484/Single-Sign-On-SSO-for-cross-domain-ASP-NET-appl

Al-Farooque Shubho, 4 Oct 2010

Implementation approach of a domain independent Single Sign On (SSO) for ASP.NET applications.

SSO in ASP.NET MVC:

http://arunendapally.com/post/implementation-of-single-sign-on-(sso)-in-asp.net-mvc

https://dzone.com/articles/learn-how-to-secure-your-aspnet-mvc-app-with-sso

SSO in Microsoft:

Authorized client applications section, you identify the applications that you want to authorize to your add-in's web application. Each of the following IDs needs to be pre-authorized.

  • d3590ed6-52b3-4102-aeff-aad2292ab01c (Microsoft Office)
  • ea5a67f6-b6f3-4338-b240-c655ddc3cc8e (Microsoft Office)
  • 57fb890c-0dab-4253-a5e0-7188c88b2bb4 (Office on the web)
  • 08e18876-6177-487e-b8b5-cf950c1e598c (Office on the web)
  • bc59ab01-8403-45c6-8796-ac3ef710b3e3 (Outlook on the web)

Auth

December 13, 2017 09:39

Modern Large Applications

Security Assertion Markup Language (SAML)

https://developers.onelogin.com/saml

SAML Tutorial: How SAML Authentication Works - SAML 2.0 SSO Flow Diagram

Security Assertion Markup Language (SAML) is a standard for logging users into applications based on their sessions in another context. This single sign-on (SSO) login standard has significant advantages over logging in using a username/password:

  • No need to type in credentials

  • No need to remember and renew passwords

  • No weak passwords

Most organizations already know the identity of users because they are logged in to their Active Directory domain or intranet. It makes sense to use this information to log users in to other applications, such as web-based applications, and one of the more elegant ways of doing this is by using SAML.

SAML is very powerful and flexible, but the specification can be quite a handful. OneLogin’s open-source SAML toolkits can help you integrate SAML in hours, instead of months. We’ve come up with a simple setup that will work for most applications.

5 Steps to Add Modern Authentication to Legacy Apps Using JWTs

https://auth0.com/blog/5-steps-to-add-modern-authentication-to-legacy-apps-using-jwts/

REST vs. SOAP

https://auth0.com/learn/rest-vs-soap/

  • traditional cookie-based authentication
  • traditional session-based authentication
  • token-based authentication
  • save the JWT as a Cookie

Questions:

  • use jQuery to make the AJAX calls
  • how to protect your RESTful API with JWT

 

1) Traditional Web Applications

What's different between Sessions & Cookies?

2) Modern Web Applications

How to use cookies to handle JWTs?


 

Categories

Recent posts