To start with any secured web application, the developer needs to implement the authentication functionality. If a user needs to access multiple secured web applications on the same domain in .NET framework, he needs to log in to each of those applications. Logging in a number of times can be avoided with Single Sign On (SSO) functionality.
SSO is a functionality that allows a user to log in once and access multiple web applications with the same credentials.
For example – once the user enters a user name and password on Gmail, he will be able to access Google’s other web applications like Google Plus, YouTube, Play store, etc., with the same credentials without logging in again.
How SSO works:
When a user requests a page in an application that requires user-based authentication, the application searches for a cookie (the forms authentication cookie) in the HTTP request. If it does not find the cookie, it redirects the current page to the login page.
When the user enters valid credentials and clicks the “Login” button, the system validates the credentials against the data storage, sets the user name in the Thread.CurrentPrincipal.Identity.Name property in .NET framework, creates a cookie in the Response, and redirects to the requested page.
If the user navigates to another page of the application, the browser sends the authentication cookie, as it already has the cookie from the last response. When the cookie arrives with the request, its properties are validated; if the cookie is not expired, the required information is read from the cookie and the user name is set into the Thread.CurrentPrincipal.Identity.Name property in .NET framework.
Implement SSO in MVC:
Here are the steps to implement SSO in an MVC application using .NET.
1. Open Visual Studio and create three blank applications (SingleSignOn, ApplicationA & ApplicationB). The SingleSignOn application provides the login functionality, and ApplicationA and ApplicationB are the secured web applications.
2. The solution will look something like below:
3. Add an AccountController in SingleSignOn. It will contain the login functionality code.
4. Write the login code (simple forms authentication code) in the AccountController as below:
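    using System.Web.Mvc;
    using System.Web.Security;

    public class AccountController : Controller
    {
        // GET: Account/Login
        // Shows the login form, or sends an already authenticated user to the home page.
        public ActionResult Login(string returnUrl)
        {
            if (Request.IsAuthenticated)
            {
                return RedirectToAction("Index", "Home");
            }
            ViewBag.ReturnUrl = returnUrl;
            return View();
        }

        // POST: Account/Login
        // Validates the submitted credentials and issues the forms authentication cookie.
        [AllowAnonymous]
        [HttpPost]
        [ValidateAntiForgeryToken]
        public ActionResult Login(string userName, string password, string returnUrl)
        {
            if (FormsAuthentication.Authenticate(userName, password))
            {
                // false = session cookie, not persisted across browser restarts.
                FormsAuthentication.SetAuthCookie(userName, false);
                // returnUrl is caller-supplied and is used here without validation.
                if (!string.IsNullOrEmpty(returnUrl))
                {
                    return Redirect(returnUrl);
                }
                else
                {
                    return RedirectToAction("Index", "Home");
                }
            }
            else
            {
                ModelState.AddModelError(string.Empty, "Invalid Login Details");
                ViewBag.ReturnUrl = returnUrl;
                return View();
            }
        }
    }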
The FormsAuthentication.Authenticate method checks whether the user name and password are correct. We can also validate the user name and password against a SQL Server database or any other data source.
@Html.LabelForModel("Password")
@Html.Password("Password")
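The Login action above redirects to whatever returnUrl it receives, which lets a crafted login link send a freshly authenticated user to an arbitrary site. The following is an added example, not part of the original article's code: a hypothetical ReturnUrlValidator helper that limits the redirect to local paths and to the applications that share the login. The two origins are placeholder assumptions standing in for ApplicationA and ApplicationB.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;

// Added example: decides whether the Login action may redirect to returnUrl.
public static class ReturnUrlValidator
{
    // Assumption: placeholder origins for ApplicationA and ApplicationB.
    private static readonly HashSet<string> TrustedOrigins =
        new HashSet<string>(StringComparer.OrdinalIgnoreCase)
        {
            "https://appa.example.test",
            "https://appb.example.test"
        };

    public static bool IsTrusted(string returnUrl)
    {
        // Control characters (tab, CR, LF) are dropped by browsers and can
        // turn "/<tab>/host" into "//host", so reject them outright.
        if (string.IsNullOrWhiteSpace(returnUrl) || returnUrl.Any(char.IsControl))
        {
            return false;
        }

        // Local path on the login application itself, e.g. "/Home/Index".
        // "//host" and "/\host" are treated by browsers as another host.
        if (returnUrl[0] == '/')
        {
            return returnUrl.Length == 1
                || (returnUrl[1] != '/' && returnUrl[1] != '\\');
        }

        // Anything else must be an absolute http(s) URL of a trusted application.
        Uri uri;
        if (!Uri.TryCreate(returnUrl, UriKind.Absolute, out uri))
        {
            return false;
        }
        if (uri.Scheme != Uri.UriSchemeHttps && uri.Scheme != Uri.UriSchemeHttp)
        {
            return false;
        }

        // Compare scheme, host and port only. User info and path are ignored,
        // so "https://appa.example.test@other.test/" does not match.
        string origin = uri.GetComponents(UriComponents.SchemeAndServer, UriFormat.UriEscaped);
        return TrustedOrigins.Contains(origin);
    }
}
```

In the POST Login action, the `!string.IsNullOrEmpty(returnUrl)` test would become `ReturnUrlValidator.IsTrusted(returnUrl)`, so any other value falls through to the default redirect to Home/Index.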