ASP .NET Core(2.1) Web API authenticate LDAP users(intranet app - windows authentication ) and external tool requests against application key.
How to authenticate two type of authentication in ASP.NET Core 2.1?
Related
With ASP.NET Core 5, Angular 10 and Identity Server 4 I created 4 applications:
Auth using Identity Server 4;
Asp.Net Core 5 API
Asp.Net Core 5 MVC
Angular 10 SPA
On the Angular application (4) I am using OIDC Client JS and Code Grant Type.
The Asp.Net Core 5 MVC application (3) also needs to access the API ...
I am using Identity Model but what Grant Type should I use in MVC application?
Code as in the Angular application (Is this possible?)? Client Credentials?
If you login the user on MVC application and you want to call the API on behalf of the user use the Code flow.
In this case only difference between MVC and angular apps is that Asp.Net Core 5 MVC is a confidential client and you can use Code flow. But Angular 10 SPA client is a public client and you should you Code + PKCE.
It is although recommended to use PKCE in both cases.
If you just call an API through MVC and as the app itself and not behalf of the user, you can use Client Credentials flow. This flow is for server to server scenarios and it is secure.
In this case you should do authorization for MVC app as well.
I have two ASP.NET web applications.
A legacy web forms application built using .Net Framework 4.6.1 with a Membership Provider
An AspNet Core application that uses Core Identity 2.1
The two web applications comprise the overall web application.
The plan is to have both applications hosted in IIS and allow the Core web application to manage authentication/authorization for both web apps.
I have already implemented cookie sharing between the two applications using an OWIN startup class in the web forms app and corresponding middle-ware in the Core app.
The flow is as follows:
The requests coming into the webforms application will be intercepted by a Http moudule which will redirect to the AspNet Core login form if the user is not authenticated.
Once the user enters their credentials in the Core Login form, they are redirected back to the Web forms application Home page or whatever other page as if they had logged into the app directly.
The issue I am currently having is that I haven't been able to find a programmatic way of authenticating the user as though they had submitted the Login form in the web forms app.
Is there a way to programmatically authenticate a user by using the Membership Provider via Core Identity?
In previous applications using ServiceStack, me and my team have been using .NET Framework and the included AspNetWindowsAuthProvider.
Having switched to .NET Core we have discovered that the included provider is no longer in ServiceStack.Core.
How can I use Windows Authentication in a ServiceStack.Core application?
ServiceStack doesn't have a built-in Windows Auth Provider for .NET Core, a potential solution is to use ASP.NET Core's Identity Auth with ServiceStack, a pre-configured solution is available from the mvcidentity .NET Core Project Template.
Then Configure Windows Authentication in the ASP.NET Core App which is used by the NetCoreIdentityAuthProvider to create an Authenticated ServiceStack Session from the Authenticated ASP.NET Core Identity.
I am making a token authentication Web API in .Net Core 2.2, haven't decided if I should use OWIN or identityserver4 yet.
On our intranet we have many applications made in .Net 4.5 and some recent ones in .Net Core 2.2.
Is it possible to authenticate them all on .Net Core 2.2 Web API?
You can use IdentityServer4 running in a .NET Core 2.2 application, which can provide your token authentication for all your applications. This uses OAuth2 which will give you a token which can be set in HTTP Request Authorization header on subsequent HTTP requests to your API. You don't need to use cookies at all.
https://identityserver4.readthedocs.io/en/latest/intro/big_picture.html
We are building ASP.NET MVC core web app and accessing data through ASP.NET Core Web API.
We have to give authentication and authorization to both MVC Core and Web API Core side.
If user is authenticated in MVC core web app then while accessing the data on web API core it is should not again authenticate. If user is directly accessing the web API then it should not allow and ask for authentication.
We also want to give authentication through Google.
For WebAPI I suggest token based authentication, Google support OAuth.
I suggest you take a look at the following link:
https://stormpath.com/blog/token-authentication-asp-net-core
There are some community-led efforts to build rich token authentication functionality for ASP.NET Core:
AspNet.Security.OpenIdConnect.Server – Similar to the OAuth Authorization Server middleware for ASP.NET 4.x.
OpenIddict – Wraps OpenIdConnect.Server up into an easier-to-use package that plugs into ASP.NET Identity.
IdentityServer4 – A port of Thinktecture IdentityServer3 to .NET Core.
All of them have sample MVC and API apps. Enjoy.