C# ASP.NET Single Sign-On Implementation

There are multiple options to implement SSO for a .NET application.

Check out the following tutorials online:

Basics of Single Sign on, July 2012

http://www.codeproject.com/Articles/429166/Basics-of-Single-Sign-on-SSO

GaryMcAllisterOnline: ASP.NET MVC 4, ADFS 2.0 and 3rd party STS integration (IdentityServer2), Jan 2013

http://garymcallisteronline.blogspot.com/2013/01/aspnet-mvc-4-adfs-20-and-3rd-party-sts.html

The first one uses ASP.NET Web Forms, while the second one uses ASP.NET MVC4.

If your requirements allow you to use a third-party solution, also consider OpenID. There's an open source library called DotNetOpenAuth.

For further information, read MSDN blog post Integrate OpenAuth/OpenID with your existing ASP.NET application using Universal Providers.

Hope this helps!

Creating SSO (single sign on) CAS on ASP.NET Core 6 MVC app

So I think I was on the right track with the posted program.cs.

The next step is to create a controller AccountController.cs

namespace {YourAppName}.Controllers {
    using System;
    using System.Diagnostics;
    using Microsoft.AspNetCore.Authorization;
    using Microsoft.AspNetCore.Mvc;
    using OneRecordIssue6.Models;

    [AllowAnonymous]
    public class AccountController : Controller
    {
        IConfiguration configuration;

        public AccountController(IConfiguration configuration)
        {
            this.configuration = configuration;
        }

        public IActionResult Login()
        {
            string isDev = Environment.GetEnvironmentVariable("ASPNETCORE_ENVIRONMENT");
            if (isDev == "Development")
            {
               // if in developement, allow me to use any user choosen for testing. This shows me how different rules apply
                var simulatedUser = this.configuration.GetSection("Settings:simulatedUser").Value.ToString();
                var identity = new ClaimsIdentity(new[] { new Claim(ClaimTypes.Name, simulatedUser) }, CookieAuthenticationDefaults.AuthenticationScheme);
                var principal = new ClaimsPrincipal(identity);
                var authProperties = new AuthenticationProperties { ExpiresUtc = DateTimeOffset.UtcNow.AddSeconds(5), IsPersistent = false, RedirectUri = "/" };
                this.HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, principal, authProperties);
                return this.RedirectToAction("Index", "Home");
            }
            else
            {
                return this.Challenge(new AuthenticationProperties { RedirectUri = "/" }, "CAS");
            }
        }

        public IActionResult ExternalLoginFailureModel()
        {
            this.Response.StatusCode = 500;
            return this.RedirectToAction("Error", "Home");
        }
    } }

Then make sure in a any controller that needs to to be authorized just add the

using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;

then any page or controller that needs to be authenticated add

[Authorize]

(include the square brackets) and this will enforce the auth

ASP.NET Single Sign On

First, if you want them to share authentication, they need to be working on the same user store. In other words, you should factor out the Identity initialization code (ApplicationUser, ApplicationDbContext, ApplicationUserManager, and ApplicationSignInManager) into a class library that both applications share. Trying to mantain and share two separate databases with user data is going to be an impossible and insurmountable task.

Then, you need only ensure that both applications utilize the same machine key. The auth cookie is encrypted, and since the encryption is based on the machine key, both applications need to use the same key to encrypt/decrypt that cookie.

Since you've already stated that they will both be hosted on the same domain, that's all there is to it.

C# ASP.NET Single Sign-On Implementation