C ASP NET Single Sign-On Implementation

Question

I am tasked with implementing single sign-on for our customers as part of our next release   The flow exists as follows     User logs into their school s main portal system using a student id password provided to him her by the school   User clicks the link to my company s product  User is automatically taken to the dashboard page as if they had just logged in through the login form on our site    Thus  there are two mechanisms by which a user can be authenticated into our site    Coming to our product s home page  and logging in using the email password that we store in our local system  Using the single sign-on where the student has already logged into the school s main system with a student id and password    If our product s implementation is in ASP NET  as opposed to Java Ruby   should we be using CAS  JOSSO  or some other third party single sign-on product  Or is there something available to a  NET environment which would be simpler for us as a  NET company

User · Answer

There are several Identity providers with SSO support out of the box, also third-party** products.

** The only problem with third party products is that they charge per user/month, and it can be quite expensive.

Some of the tools available and with APIs for .NET are:

IdentityExpress (with Admin UI) by IdentityServer
Centrify Identity Service
Okta Identity (SAML 2.0)
OneLogin

If you decide to go with your own implementation, you could use the frameworks below categorized by programming language.

C#
- IdentityServer3 (OAuth/OpenID protocols, OWIN/Katana)
- IdentityServer4 (OAuth/OpenID protocols, ASP.NET Core)
- OAuth 2.0 by Okta
Javascript
- passport-openidconnect (node.js)
- oidc-provider (node.js)
- openid-client (node.js)
Python
- pyoidc
- Django OIDC Provider

I would go with IdentityServer4 and ASP.NET Core application, it's easy configurable and you can also add your own authentication provider. It uses OAuth/OpenID protocols which are newer than SAML 2.0 and WS-Federation.

User · Answer

UltimateSAML SSO is an OASIS SAML v1 x and v2 0 specifications compliant  NET toolkit  It offers an elegant and easy way to add support for Single Sign-On and Single-Logout SAML to your ASP NET  ASP NET MVC  ASP NET Core  Desktop  and Service applications  The lightweight library helps you provide SSO access to cloud and intranet websites using a single credentials entry    Detailed UltimateSAML SSO review can be found here

User · Answer

disclaimer  I m one of the contributors   We built a very simple free opensource component that adds SAML support for ASP NET apps https   github com jitbit AspNetSaml  Basically it s just one short C  file you can throw into your project  or install via Nuget  and use it with your app

User · Answer

There are multiple options to implement SSO for a  NET application  Check out the following tutorials online  Basics of Single Sign on  July 2012 http   www codeproject com Articles 429166 Basics-of-Single-Sign-on-SSO GaryMcAllisterOnline  ASP NET MVC 4  ADFS 2 0 and 3rd party STS integration  IdentityServer2   Jan 2013 http   garymcallisteronline blogspot com 2013 01 aspnet-mvc-4-adfs-20-and-3rd-party-sts html The first one uses ASP NET Web Forms  while the second one uses ASP NET MVC4  If your requirements allow you to use a third-party solution  also consider OpenID  There s an open source library called DotNetOpenAuth  For further information  read MSDN blog post Integrate OpenAuth OpenID with your existing ASP NET application using Universal Providers  Hope this helps

User · Answer

I am late to the party  but for option  1  I would go with  IdentityServer3  NET 4 6 or below  or IdentityServer4   compatible with Core     You can reuse your existing user store in your app and plug that to be IdentityServer s User Store  Then the clients must be pointed to your IdentityServer as the open id provider

[c#] C# ASP.NET Single Sign-On Implementation

Examples related to c#

Examples related to asp.net

Examples related to single-sign-on