We have implanted 2 utilities using mvc. And both utilities have authentication using Active directory.We are using single sign on here,means if the user authenticated in 1st application then he can access 2nd application without entering credentials in 2nd application.
Question:If user is not Authenticated in 1st application and he is trying to access the dashboard of second application then he must be redirected to login page of 1st application....IS there any way to do this?
Problem is solved :)
return Redirect("http://localhost:12350/");
It is working.
Related
I have two web apps, one a .Net Framework app and the other a .Net Core app. Both are registered with the same B2C environment.
They interact with one another such that when I sign in on one application, when I click on sign in on the other, this takes me past the input screen and logs me in with the credentials already entered on the other application.
The issue I have is that I have set up a Logout Url for both applications, but it is only working one way round and not the other.
If I am logged in on both applications, then sign out of the Framework application, then when pressing F5 on the Core application, the user is logged out as expected.
However, if I try this the other way round. So I sign out of the Core application, then press F5 on the Framework application, then this does not log the user out.
As it is working one way but not the other, I assume this must be an issue with how the Framework application is setup and not with how the Custom Policy files linked to each application are setup, as if it was, then neither would work?
In the B2C application setting for the Framework application, the Logout URL is:
https://xxxx.azurewebsites.net/Account/SignOut
Which points to:
public void SignOut()
{
if (Request.IsAuthenticated)
{
IEnumerable<AuthenticationDescription> authTypes = HttpContext.GetOwinContext().Authentication.GetAuthenticationTypes();
HttpContext.GetOwinContext().Authentication.SignOut(authTypes.Select(t => t.AuthenticationType).ToArray());
Request.GetOwinContext().Authentication.GetAuthenticationTypes();
}
}
I've also tried an endpoint which is the same as the above but doesn't check if the user is currently authenticated, and just runs the three lines without the if check, but that doesn't work either.
While, the B2C application settings for the Core application, the Logout URL is:
https://yyyy.azurewebsites.net/AzureADB2C/Account/SignOut
Any ideas?
Initially I have setup microservice application with oauth2 and keycloak.
I was able to do that successfully. I have added all things such as SECURITY_OAUTH2_CLIENT_ACCESS_TOKEN_URI, SECURITY_OAUTH2_CLIENT_USER_AUTHORIZATION_URI, SECURITY_OAUTH2_CLIENT_CLIENT_ID, SECURITY_OAUTH2_CLIENT_CLIENT_SECRET, SECURITY_OAUTH2_CLIENT_SCOPE, SECURITY_OAUTH2_RESOURCE_USER_INFO_URI. I have jhipster registry running and gateway application running. I have created a application in okta with the openidconnect type application. Screen shot is mentioned below. I able to see the http://localhost:8080. Upon clicking on sign in button I getting the below error.
If you look in your browser’s address bar on the 400 error page, you’ll see it has “http://localhost:8080/login” as the redirect URI. Add this value to the Login redirect URIs in your Okta app and you should be good to go.
Thanks, I solved the issue. The solution was, The user with which i was trying to login was not created in users table. For that I have created another user in okta and assigned the roles to it. Reset the password and tried logging to account. Upon invoking "http://localhost:8080" and clicking on "sign in" button it redirected to okta login page and logged in with the above created user and it redirected me to home page of my gateway.
Thank you
I'm new to MVC Authentication, so I'm working on a sample project to get familiar with using external authentication. I've got Facebook and Google working, but I'm having trouble with Twitter.
I can get to Twitter's log-in page, but instead of redirecting back to my application like Facebook and Google does, it just displays a Pin and says I need to go back to my application and enter the Pin. It appears that the middle-ware is using Pin-Based authentication. Any tips for setting it up so that it doesn't use Pin-Based?
My application is MVC 5, .net 4.5.1, EF6, and Authentication 2.0.
Inside Startup.Auth, I've uncommented app.UseTwitterAuthentication and provided the comsumer key and secret provided by Twitter.
I ended up just deleting the app in Twitter and creating a new one, which works correctly.
When I initially created the first app, I had left the Callback URL empty. When testing with that configuration, I couldn't get to the Login screen, I just kept getting a 401 error. Once I added a callback url, I started getting to the login screen, but it was using the Pin-Based.
I thought that I had configured something incorrectly during the setup process, so that's why I deleted the application (in Twitter) and created a new one. In my project, I just changed the key and secret. There was no option during setup to select pin-based, but I did create it with a callback url.
I did create a third application (in Twitter) with no callback url, in an attempt to duplicate the problem, but I was unable to duplicate.
My ASP.NET MVC application is using Forms authentication with [System.Web.Mvc.Authorize] . I would like to use [System.Web.Http.Authorize] attribute to protect my Web API controller and because i'm calling it with HttpClient from my MVC controller I've have implemented a custom delegating handler like the one in the following post:
ASP.NET MVC 4 Web API Authentication with Membership Provider
When debugging i can see that the principal is set and the user has right roles but still I'm being redirected to the login page?
So basically when i log in and visit the WebAPI action with browser everything works (as would if i use AJAX from my views), but when i use HttpClient inside my controller (which i know is a new request with different context) with Basic authentication and set the principal i always get redirected.
I've tried so many solutions/workarounds and i'm always redirected to login page.
Anyone has an idea.
Here's an explanation:
System-web-http-authorize x System-web-mvc-authorize
Another interesting point is you use your custom authorization. I did it and it worked. Following example:
Customized authorization Mvc 4
Good Luck
Help me..
I'm implementing a web application in my local server and after i will publish my application to download and can use every one.So I need to give a social experience to user with my web application(user can update his fan pages through my web application). So i created a facebook application. But I'm still in problem what is site url in application. This is not for my own web site. This is for all download users. Then how can I create a facebook application to achieve this.
With a facebook Canvas App, site url is where the actual application is hosted.
So, if your web application was fully functional at http://example.com/facebook, that would be the site URL.
I created a facebook app last year and it's a web based application that is wholly contained within my webserver, the site url points to it's landing page.
I think you want to make this application downloadable like wordpress framework so that others can host the application on their server and use it.
So probably best way is to have a admin section like in wordpress, user who download and implement you application on his or her server can provide their own application access token.
Insted of hard-coding your own access code into your download application framework
In admin section create a tab to register your application with facebook, which will redirect user to the facebook.com/developer where he/she can register their application and after registration they can put their access token back in you application framework admin section. you can store this details in some table and fetch it where ever you need it for authentication.
hope this logic helps for you.