I have a web site which integrated with my company Single Sign On(SAML 2.0 protocol). The site also have API defined. Now I am trying to access the API from C# console application.
How my console application can authenticate and broker between SSO server and web api ?
Related
I'm planning to create a new web application using ASP.Net Core 5.0 Blazer Server Side template and trying to meet the following requirements:
Web Application should be a stand-alone solution, this Web Application will be hosted on IIS Server200.
ASP.Net Core 5.0 Web API as Microsoft Identity service should be the stand-alone solution to Authorize and Authenticate Balzer web app users. The Web API will be hosted on IIS Server100.
The web application should use Microsoft identity web API service for user registration, login, forgot password, creating user roles, etc.
I'm not sure about how the Authentication and Authorization can be done using the Web API service.
Could anyone guide me on how to meet the above requirements? any help would be greatly appreciated.
Is it possible to support integrated windows authentication (Kerberos) in a self hosted web api or is IIS an absolute requirement if integrated window authentication is required ?
Googling around I did not find a clear answer to this question or any sample code that demonstrates how this can be achieved.
I am trying to build self hosted web api that client can authenticate with using windows authentication ( without need to enter username password)
Our company's Client portal if developed with C#. Clients do authenticate on this portal.
Now I developed a new service with a small portal using Laravel 5.7 (let's call this the service portal).
The two portals are on different domains.
I want to integrate the new service portal in the main portal without doing authentication twice.
What I want to accomplish is that when a client authenticates on the original Client portal (C# portal) and clicks a link, he gets redirected to the service portal (laravel app) without being authenticated.
So I don't know if is it possible to accomplish this ? If so, please point me on how to do it.
Thank you
_ Azure newbie alert _ I have a WCF web service (deployed on prem) that uses windows authentication. I just built an App Service on Azure that among other things it needs to retrieve data from this web service. I don't have control over the authentication mode it uses nor can I change it, so is there any way at all to configure my App Service to use Azure AD and authenticate using a windows account (same account used on Azure portal)?
On a side note, I communicate with the WCF service on prem through a hybrid connection on the App Service. Not sure if that makes any difference
I have various bits of functionality implemented in WCF web services which are currently consumed by an Excel client via a local COM-visible library. I wish to implement some of the front-end functionality in a web client. I set up my client proxy using
dataChannel.Credentials.Windows.AllowedImpersonationLevel = TokenImpersonationLevel.Delegation;
ASP.NET impersonation is turned on as is windows authentication (no anonymous). When web services and web site are hosted on the same server there are no issues and the desktop user's credentials are passed from browser to web site to WCF perfectly. However, when web site and web services are hosted on different boxes (same domain, intranet only) I get 401 authentication errors. What am I doing wrong?
It sounds like you are suffering from the kerberos "double hop" problem. By default windows does not pass the kerberos authentication token onto another server so if you have user accesses webserver A and authenticates, webserver A accesses service on webserver B. WEbserver A does not pass the auithentication through to webserver B so you get a 401. I think this article should help you enable kerberos delegation between the web site server and the web service server