I want to compare authentication methods in asp.identity and dotnetnuke. I have read very articles about authentication in dotnetnuke.
DNN AUTHENTICATION WITH NEW ASP.NET IDENTITY SYSTEM
DotNetNuke Tips and Tricks #12: Creating your own Authentication Provider
Using DNN authentication and authorization info from another ASP.NET app
How to Setup the Authentication Settings in DotNetNuke
But I din't understand authentication elements and the relationship between them.
It would be very helpful if someone could explain authentication method in dotnetnuke.
Thanks.
DotNetNuke uses Asp.Net Membership not Identity. To replace the core authentication provider would be a lot of effort.
There are several ways to create your own authentication provider, but ultimately it will still be using the DotNetNuke Asp.Net Membership process. If you want to use an external service that uses Asp.Net Identity you could have your external Asp.Net Identity service pass a token/cookie to a custom DotNetNuke authentication/redirect module that validates the token/cookie, migrates the user from the Asp.Net Identity database to the DotNetNuke Asp.Net Membership database and finally does the login: DotNetNuke.Entities.Users.UserController.UserLogin.
Related
I am trying to create a login mvc application in .NET through which any identity provider that supports OpenIdConnect for authentication and Oauth2.0 for authorization should be able to communicate. The objective is all my microservices will then call the login service ( which will act as a proxy) to perform single login and single logout and authorization via different identity providers such as Ping Identity or Okta or perhaps Azure AD.
Which Nuget package will be best to use in my login mvc application? Microsoft.AspNetCore.Authentication.OpenIdConnect or Microsoft.Owin.Security.OpenIdConnect. If there is any other library please shed some light. I am new in OpenIdConnect and IDP providers so please help me out here.
I would use Microsoft.AspNetCore.Authentication.OpenIdConnect for ASP.NET Core projects and Microsoft.Owin.Security.OpenIdConnect if you are using .NET Framework.
I have a legacy app which already has implemented its own dbo structure for users, roles etc thus I don't want to use ASP.NET Core Identity.
However, I would like to implement OAuth2 functionality, so I am thinking about creating authentication server using IdentityServer4.
Can you, please, give me a hint how to wire IdentityServer4 with custom user&password dbo tables?
I am implementing an application using microservices approach.
On my application there must be Google sign-in and basic sign-in.
I have 2 services: 1 for membership service and 1 for MVC gateway.
My membership service has db and standard asp.net core identity applied. So all users stored here.
My MVC gateway has login action that needs to challenge Google and get external login. And then get a user from Membership service for this login.
First my idea was to implement custom IUserStore class and call restful Api methods from Membership service. But there I faced the problem with syncing 2 Identities - on both services. Then I removed Identity from MVC Gateway, but now I cannot challenge Google Sign-in.
So what is the best solution for such approach?
I saw in MS example that there was IdentityServerr4 used, but I don't think that this is viable for my situation.
Implemented using IdentityServer4.
I have following scenario. I write asp.net core web api which will be used by mobile and web (asp.net core mvc web app) apps.
I authenticate user using asp.net core identity framework class SignInManager (add account controller and related classes manually) and then generate oauth token which will be used by client applications. By doing so I have 2 identities associated with the user. one is created by after I login using SignInManager.PasswordSignInAsync and second is created by generating oauth JWT token.
Is this correct approach or not?
Thanks
https://blogs.msdn.microsoft.com/webdev/2016/10/27/bearer-token-authentication-in-asp-net-core/
that might shed some light on what direction to go. there is also another blog post about using IdentityServer4 (3rd party) works well.
https://blogs.msdn.microsoft.com/webdev/2017/01/23/asp-net-core-authentication-with-identityserver4/
Why it`s not possible to create Web API project with Individual User Accounts Authorization type?
UPDATE:
All version numbers are updated from v1.2 to v2.0.
Please find the ASP.NET Core Schedule and Roadmap:
Identity Application Services
A service layer will be added ASP.NET Core Identity and included in the project templates using Individual Authentication. This will allow authentication of users by way of JWT tokens such that Web APIs can be secured out of the box, and make it simpler to change authentication systems, e.g. from in-app Identity to Azure AD B2C, or 3rd-party solutions like Identity Server.
Daniel Roth from MS:
Support for individual user accounts with the Web API template in VS is not available yet. We are still looking at providing a supported on premise offering for token issuance in addition to providing integration with Azure AD B2C.
This statement can be found in the comment section under https://channel9.msdn.com/Events/dotnetConf/2016/Building-Secure-Web-APIs-with-ASPNET-Core
This is just disabled in core 1.1.please use core 2.0 to find all authentication.You can download core 2.0 from
here