SyntaxFix

[c#] C# ASP.NET Single Sign-On Implementation

I am tasked with implementing single sign-on for our customers as part of our next release. The flow exists as follows:

  1. User logs into their school's main portal system using a student id/password provided to him/her by the school.
  2. User clicks the link to my company's product.
  3. User is automatically taken to the dashboard page as if they had just logged in through the login form on our site.

Thus, there are two mechanisms by which a user can be authenticated into our site:

  1. Coming to our product's home page, and logging in using the email/password that we store in our local system.
  2. Using the single sign-on where the student has already logged into the school's main system with a student id and password.

If our product's implementation is in ASP.NET (as opposed to Java/Ruby), should we be using CAS, JOSSO, or some other third party single sign-on product? Or is there something available to a .NET environment which would be simpler for us as a .NET company?

This question is related to c# asp.net single-sign-on

The answer is

UltimateSAML SSO is an OASIS SAML v1.x and v2.0 specifications compliant .NET toolkit. It offers an elegant and easy way to add support for Single Sign-On and Single-Logout SAML to your ASP.NET, ASP.NET MVC, ASP.NET Core, Desktop, and Service applications. The lightweight library helps you provide SSO access to cloud and intranet websites using a single credentials entry.

Detailed UltimateSAML SSO review can be found here

[disclaimer: I'm one of the contributors]

We built a very simple free/opensource component that adds SAML support for ASP.NET apps https://github.com/jitbit/AspNetSaml

Basically it's just one short C# file you can throw into your project (or install via Nuget) and use it with your app

I am late to the party, but for option #1, I would go with IdentityServer3(.NET 4.6 or below) or IdentityServer4 (compatible with Core) .

You can reuse your existing user store in your app and plug that to be IdentityServer's User Store. Then the clients must be pointed to your IdentityServer as the open id provider.

There are several Identity providers with SSO support out of the box, also third-party** products.

** The only problem with third party products is that they charge per user/month, and it can be quite expensive.

Some of the tools available and with APIs for .NET are:

If you decide to go with your own implementation, you could use the frameworks below categorized by programming language.

  • C#

    • IdentityServer3 (OAuth/OpenID protocols, OWIN/Katana)
    • IdentityServer4 (OAuth/OpenID protocols, ASP.NET Core)
    • OAuth 2.0 by Okta

  • Javascript

    • passport-openidconnect (node.js)
    • oidc-provider (node.js)
    • openid-client (node.js)

  • Python

    • pyoidc
    • Django OIDC Provider

I would go with IdentityServer4 and ASP.NET Core application, it's easy configurable and you can also add your own authentication provider. It uses OAuth/OpenID protocols which are newer than SAML 2.0 and WS-Federation.

Source: Stackoverflow.com

Examples related to c#

How can I convert this one line of ActionScript to C#? Microsoft Advertising SDK doesn't deliverer ads How to use a global array in C#? How to correctly write async method? C# - insert values from file into two arrays Uploading into folder in FTP? Are these methods thread safe? dotnet ef not found in .NET Core 3 HTTP Error 500.30 - ANCM In-Process Start Failure Best way to "push" into C# array

Examples related to asp.net

RegisterStartupScript from code behind not working when Update Panel is used You must add a reference to assembly 'netstandard, Version=2.0.0.0 No authenticationScheme was specified, and there was no DefaultChallengeScheme found with default authentification and custom authorization How to use log4net in Asp.net core 2.0 Visual Studio 2017 error: Unable to start program, An operation is not legal in the current state How to create roles in ASP.NET Core and assign them to users? How to handle Uncaught (in promise) DOMException: The play() request was interrupted by a call to pause() ASP.NET Core Web API Authentication Could not load file or assembly 'CrystalDecisions.ReportAppServer.CommLayer, Version=13.0.2000.0 WebForms UnobtrusiveValidationMode requires a ScriptResourceMapping for jquery

Examples related to single-sign-on

C# ASP.NET Single Sign-On Implementation Differences between SP initiated SSO and IDP initiated SSO What are the different NameID format used for?

Tags

Find Curl-language Simplerepository Message-driven-bean Zabbix Logfile Typeface Bufferedwriter Unistd.h Burndowncharts Network-state Silverstripe Filtered-lookup Freeswitch Objectiveresource Eventtrigger Ref-parameters Empty-class Linker-errors Wxperl Android-ndk Zend-studio Cil Nswindowcontroller Avassetwriter Filenames Onkeydown Recommendation-engine Albpm Infix-notation Expression Indexof Iphone-sdk-3.1.3 Help-balloon Processmodel Pyode Gadt Inline-editing Jqgrid Sustainable-pace Statements Pleasewait Vssget Enterprise-integration Modified-preorder-tree-t Compiler-directives Gesture-recognition Url.action Color-wheel Berkeley-db-xml Aero-peek Equivalence-classes Beginanimations Uidatepicker Survey Gppg One-definition-rule Using-directives Xorg Soap-extension Configuration-management Partial-methods Activitygroup Bing-maps Jsecurity Mysql-python Tr Compose Coordinates Embedding Ormlite Rubymine Astronomy Craigslist Progress Bgga Short-circuiting Sitefinity-4 Vertical-alignment Nfa Refactoring-databases Threadpool Safearray Mdc Shebang Addition Jpa Unmanagedresources Cal Carrot Gd Deep-linking Stringio Tabactivity Qtablewidgetitem Roaming Symfony Drupal-commons Nesc Db-schema