I have been developing SSO App uses moves with c# and AngularJs and now I am adding one new project in my existing SSO app, but want to use Angular 7. so please let me know hot to use angular 7 and run this particular project from SSO app.
You already have an app running with C# and AngularJS. so let us call this as App1. Another app you want to create with Angular 7, let us call this App2.
Create App2 ie Angular 7 as a normal angular app.
Now to implement SSO, there are certain things to keep in mind
1) You need to have a central login page. This page is responsible for central login as App1 and App2 wont be having separate login pages.
2) Use cookies to check existence of user in either of the Apps
3) You need to have logic implemented in all Apps (App1, App2 and central App) to check for the cookie existence and navigate to the desired app.
A good example would be google.
When you are not logged in you are redirected to accounts.google.com (central Login). After login in, you visit any google products gmail(App1), youtube(App2) etc without login in separately.That's SSO and done through cross-domain cookie check.
This link will I think help you understand how SSO works.
https://auth0.com/blog/what-is-and-how-does-single-sign-on-work/
So you create angular 7 as a normal angular 7 app and follow the SSO steps. You will be good to go.
Hope that helps
Related
I have a requirement that has me a little baffled. A client has an app that allows it's customers to view it's account and billing statements. In the past the app invoked a web page on my web server built on an ASP.NET application that allowed the user to enter his credit card information and the web app processed the payment with the payment gateway.
Now the client requires that the payment page require authentication. Since the app uses JWT authentication when connecting to it's own services, the idea is to provide the JWT to the ASP.NET application so that we can verify that the call is authenticated and read some information from it. But I can't find any way for a regular ASP.NET MVC 5 web app to read a JWT that comes from somewhere else.
Has anyone seen anything like this? Anyone has any pointers for me to look at?
I have made an angularjs app and I want to use it in another web application (eg. C# .Net,JAVA). I have another web app (which does not use angularjs) and when I click a button it should be redirected to my angularjs app to use the functionalities. How can I achieve this? Thanks!
IMO, for C# Web App, you can use RedirectPermanent("<AngularJsApplicationFeaturePageUrl>"); spend time in AngularJs application and when it completes, AngularJs Web Application is responsible for redirecting us to appropriate page in C# Web App.
For Example,
You might have experienced it in e-commerce apps. For buying\ checking-out items, you will be redirected to Bank's fund transfer page. When you are done, Bank website will redirect you to original e-commerce app.
You are seeing in Identity Module Providers like Azure Active Directory, Google Single Sign On,.. redirects you to its login page to challenge your identity and posts you back to original website.
You can find a ton of examples for above use cases.
Context:
I have an MVC application, which uses OWIN, and connects to Azure for authentication. It stores a token in the cookie.
I have another application that is an angular spa application. This also connects to Azure for authentication. It stores the token in localstorage. (msal library)
Issue:
When I login to the MVC app first and open the spa app and click on login it again asks for credentials and vice versa.
This is due to different storage I believe.
Question :
How can the above issue be resolved? If it's not possible,
is there any other js library that will allow me to solve this?
Other inputs:
Msal silent token works on local storage, no issue on that.
Make sure you register both applications under your B2C tenant. You can test your storage theory easily by publishing another MVC application and seeing if the SSO works between that application and your existing one.
Whether it's a single page angular application or an MVC application shouldn't affect whether the user can SSO into both of them. Ensure that the user is added in your AAD and if you want to be on the safe side you can add the user manually to both application.
Please see this relevant Github repository. https://azure.microsoft.com/en-us/resources/samples/active-directory-b2c-javascript-angular2-4-spa/
I have a problem authenticating against Sharepoint Project Web App, from my ASP.Net app. One of the last tricks in my pocket that could work is taking a web browser from Windows Forms package, and performing an auth in it. This browser will be hidden from the user, will use service account to authenticate and will populate some JSON from PWA once a day. I will emulate the normal authentication you go through if you login to PWA with your browser.
This feels a bad idea to me, but if I do not have any other options, I might go with it. The problem is that I can't really explain exactly why it is bad, thus my question.
What possible problems should I expect doing this? ASP.Net app will be hosted in Azure, we also do an auth on Azure.
There are 2 websites, Website A and B. The requirement goes like this:
Website A has a login page.
On successful login of Website A, the user should be redirected to Website B homepage.
Note:
The user account/credentials for both websites are same.
Although Website B has an login page, the successful login in Website A should bypass the login page of Website B and show its (Website B's) homepage.
So my question is whether the above scenario is practially possible in C#, ASP.Net?
If possible, then how can the above requirement work in following environments:
- Both websites are hosted in the same domain.
- Both websites are hosted in different domains.
Can you please suggest me the ways of designing and implementing the above requirement.
Thanks in advance!!!.
There are multiple options to implement SSO for a .NET application.
Check out the following tutorials online:
Basics of Single Sign on, July 2012
http://www.codeproject.com/Articles/429166/Basics-of-Single-Sign-on-SSO
GaryMcAllisterOnline: ASP.NET MVC 4, ADFS 2.0 and 3rd party STS integration (IdentityServer2), Jan 2013
http://garymcallisteronline.blogspot.com/2013/01/aspnet-mvc-4-adfs-20-and-3rd-party-sts.html
The first one uses ASP.NET Web Forms, while the second one uses ASP.NET MVC4.
If your requirements allow you to use a third-party solution, also consider OpenID. There's an open source library called DotNetOpenAuth.
For further information, read MSDN blog post Integrate OpenAuth/OpenID with your existing ASP.NET application using Universal Providers.
Hope this helps!