First, I want to apologize as this is my first post and I don't even know how to properly phrase my question.
Here's what's going on:
I have several legacy ASP.NET web forms applications (.NET Framework 4.6.1) built in VB.NET that currently use ASP.NET Membership provider and forms authentication. Basically, apps A, B and C redirect to a login screen on app D where the user logs in and then gets redirected back. I believe this is possible through forms authentication where all applications share the same machineKey in Web.config.
I created a new ASP.NET Core MVC application (.NET Core 3.1) using ASP.NET Identity to replace app D which in the future will also use IdentityServer4 to allow single-sign-in support for third-party clients. This new SSO app has new user screens to manage users/roles, etc. and is working great as a stand-alone site.
How do I get apps A, B and C to properly redirect to SSO so users can get authenticated and get redirected back? What is the correct approach here? What steps are required?
I spent weeks going through tutorials online, learning about IdentityServer4, creating new modern MVC sites that use OWIN to exchange tokens, etc. and that all works fine. I also see tutorials on converting ASP.NET Membership to OWIN or to Identity, but is that really what I need? I have a new site that's already using Identity so I shouldn't, right?
Ideas?
I managed to figure it out. Using a new ASP.NET Web Application (.NET Framework) - Visual Basic with .NET Framework 4.6.1 named VBWebApp, I did the following to get it connecting to my IdentityServer4 instance:
Install packages
    install-package Microsoft.Owin.Host.SystemWeb
    install-package Microsoft.Owin.Security.Cookies
    install-package Microsoft.Owin.Security.OpenIdConnect
Add Startup.vb
    Imports System.Collections.Specialized ' NameValueCollection
    Imports System.Configuration           ' ConfigurationManager
    Imports Microsoft.Owin.Extensions
    Imports Microsoft.Owin.Security.Cookies
    Imports Microsoft.Owin.Security.OpenIdConnect
    Imports Owin

    Public Class Startup
        Public Sub Configuration(ByVal app As IAppBuilder)
            Dim settings As NameValueCollection = ConfigurationManager.AppSettings

            ' Local session cookie issued once the OpenID Connect sign-in completes
            app.UseCookieAuthentication(New CookieAuthenticationOptions With {
                .AuthenticationType = "cookie"
            })

            ' Authorization code flow against the authority named in appSettings
            app.UseOpenIdConnectAuthentication(New OpenIdConnectAuthenticationOptions With {
                .SignInAsAuthenticationType = "cookie",
                .Authority = settings("Authority").ToString(),
                .ClientId = settings("ClientId").ToString(),
                .ClientSecret = settings("ClientSecret").ToString(),
                .RedirectUri = settings("RedirectUri").ToString(),
                .ResponseType = "code",
                .Scope = "openid profile",
                .RedeemCode = True
            })

            app.UseStageMarker(PipelineStage.Authenticate)
        End Sub
    End Class
Add the following under Configuration tag in web.config
Add the following in system.web tag
Add the following in Config.cs in IdentityServer4 instance
    new Client
    {
        ClientId = "VBWebApp",
        ClientSecrets = { new Secret("secret".Sha256()) },
        AllowedGrantTypes = GrantTypes.Code,
        RedirectUris = { "https://localhost:44375" },
        PostLogoutRedirectUris = { "https://localhost:44375" },
        AllowedScopes = new List<string>
        {
            IdentityServerConstants.StandardScopes.OpenId,
            IdentityServerConstants.StandardScopes.Profile,
        }
    }
Still more work ahead but at least now I have the steps required to get the authentication piece working for apps A, B, and C.
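An added example, not part of the original answer: one way a Web Forms page in apps A, B and C could send unauthenticated users to the SSO site and bring them back, using the OWIN pipeline configured in Startup.vb above. The `SignIn` page, the `returnUrl` query parameter and the `SafeLocalUrl` helper are hypothetical names; the code assumes the OpenID Connect middleware keeps its default authentication type, as it does in that Startup class.

```vb
' Added example (not from the original answer). SignIn, returnUrl and
' SafeLocalUrl are hypothetical names chosen for illustration.
Imports System.Web
Imports Microsoft.Owin.Security
Imports Microsoft.Owin.Security.OpenIdConnect

Public Class SignIn
    Inherits System.Web.UI.Page

    Protected Sub Page_Load(sender As Object, e As EventArgs) Handles Me.Load
        Dim returnUrl As String = SafeLocalUrl(Request.QueryString("returnUrl"))

        If Request.IsAuthenticated Then
            ' The "cookie" middleware already restored the session.
            Response.Redirect(returnUrl, False)
            Context.ApplicationInstance.CompleteRequest()
            Return
        End If

        ' Ask the OpenID Connect middleware to redirect the browser to the
        ' authority; once the code is redeemed the user lands on returnUrl.
        Context.GetOwinContext().Authentication.Challenge(
            New AuthenticationProperties With {.RedirectUri = returnUrl},
            OpenIdConnectAuthenticationDefaults.AuthenticationType)
    End Sub

    ' Accept only paths on this site, so the post-login redirect cannot be
    ' pointed at another host (open redirect). Anything else falls back to "/".
    Public Shared Function SafeLocalUrl(candidate As String) As String
        If String.IsNullOrEmpty(candidate) Then Return "/"
        If candidate(0) <> "/"c Then Return "/"
        If candidate.Length > 1 AndAlso
           (candidate(1) = "/"c OrElse candidate(1) = "\"c) Then Return "/"
        Return candidate
    End Function
End Class
```

The `RedirectUri` set on `AuthenticationProperties` is the post-login destination inside the app; it is separate from the `RedirectUri` option in Startup.vb, which has to match an entry in the client's `RedirectUris` on the IdentityServer4 side.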