I'm trying to migrate my asp.net core 1.1 project to asp.net core 2.0.
I've used the guidelines from her to implement jwt authentication.
Now that I've upgraded to 2.0, I've used the guidelines in here and here to migrate, but HttpContext.User.Identity.IsAuthenticated is false.
The client correctly sends the bearer token.
Any links or pointers are appreciated.
Related
We have implemented OWIN Authorization to our Web Api's in .Net framework project. Now we are migrating this to .Net6. It seems in .net6/.net core owin authentication is not supported.
I don't find any documentation around this.
It seems Microsoft.Owin.OwinMiddleware is not exits in .net core.Also I don't find any Microsoft.Owin.Security.Infrastructure.AuthenticationTokenProvider corresponding nuget packages in .net core.
How can we use OWIN Authorization in .Net core(.net6)? If it is not supported what is alternative to this in .net core
ASP.NET Core using a new authentication middleware which could work like OWIN.
So you could directly using this middleware instead of using owin inside the asp.net core.
For example, if you want to include the MSFT, Goolge, facebook or else, you could refer to this article.
In previous applications using ServiceStack, me and my team have been using .NET Framework and the included AspNetWindowsAuthProvider.
Having switched to .NET Core we have discovered that the included provider is no longer in ServiceStack.Core.
How can I use Windows Authentication in a ServiceStack.Core application?
ServiceStack doesn't have a built-in Windows Auth Provider for .NET Core, a potential solution is to use ASP.NET Core's Identity Auth with ServiceStack, a pre-configured solution is available from the mvcidentity .NET Core Project Template.
Then Configure Windows Authentication in the ASP.NET Core App which is used by the NetCoreIdentityAuthProvider to create an Authenticated ServiceStack Session from the Authenticated ASP.NET Core Identity.
I am making a token authentication Web API in .Net Core 2.2, haven't decided if I should use OWIN or identityserver4 yet.
On our intranet we have many applications made in .Net 4.5 and some recent ones in .Net Core 2.2.
Is it possible to authenticate them all on .Net Core 2.2 Web API?
You can use IdentityServer4 running in a .NET Core 2.2 application, which can provide your token authentication for all your applications. This uses OAuth2 which will give you a token which can be set in HTTP Request Authorization header on subsequent HTTP requests to your API. You don't need to use cookies at all.
https://identityserver4.readthedocs.io/en/latest/intro/big_picture.html
Our University has migrated to a SAML based authentication/authorization method using Shibboleth.
I have been researching for at least a day on how to use SAML with .net core web applications. I can't use Identity server 4 because it is for OaTH/Open ID. I found some documentation on msdn which points to a commercial implementation. I came across this SO answer from a year ago saying Kentor may support it in the future but couldn't find anything on the github page about support for .net core or a .net core sample web app. As of January it was still planned but no date.
The University has the identity provider running. What I don't understand is the following:
How do I set my web application to use that identity provider?
How do I check if that identity provider has already been authenticated for another application, so SSO use?
Also, any sample applications that use SAML without commercial plugins would be greatly appreciated.
ITfoxtec has a ASP.NET MVC Core 1.0 SAML2 plugin, but it requires the .NET Full Framework, and won't run on linux. There's some missing APIs that are preventing full .NET Core support right now for SAML2 (around Crypto XML namespace). https://github.com/ITfoxtec/ITfoxtec.Identity.Saml2
Not exactly what you're looking for I know, but it's an interim solution until probably .NET Standard 2.0, which will probably bring the missing API's to .NET Core.
ITfoxtec Identity Saml2 support .NET Core 2.1 (without the .NET Framework) from version 3.0.0. Project: https://itfoxtec.com/IdentitySaml2
ITfoxtec Identity Saml2 MVC Core support ASP.NET MVC Core 2.1. NuGet package: https://www.nuget.org/packages/ITfoxtec.Identity.Saml2.MvcCore/
We are building ASP.NET MVC core web app and accessing data through ASP.NET Core Web API.
We have to give authentication and authorization to both MVC Core and Web API Core side.
If user is authenticated in MVC core web app then while accessing the data on web API core it is should not again authenticate. If user is directly accessing the web API then it should not allow and ask for authentication.
We also want to give authentication through Google.
For WebAPI I suggest token based authentication, Google support OAuth.
I suggest you take a look at the following link:
https://stormpath.com/blog/token-authentication-asp-net-core
There are some community-led efforts to build rich token authentication functionality for ASP.NET Core:
AspNet.Security.OpenIdConnect.Server – Similar to the OAuth Authorization Server middleware for ASP.NET 4.x.
OpenIddict – Wraps OpenIdConnect.Server up into an easier-to-use package that plugs into ASP.NET Identity.
IdentityServer4 – A port of Thinktecture IdentityServer3 to .NET Core.
All of them have sample MVC and API apps. Enjoy.