All geek questions in one place

Using User Information / Authorization Using a Rails Application in an ASP.Net Web Application

I have two applications - one of the built-in Ruby (v1.9.2, I think) Rails and another simple reporting application created using ASP.Net, which is basically the interface for some Reporting Services reports. What I would like to do is provide a single type of login from a Rails application to an ASP.Net web application. Is there any way to do this?

Note. I can always pass user information to an ASP.Net web application through a request, using the query string or some other mechanism, but this is a bit dirty.

+4
source share
2 answers

I assume your question relates to the "end user" experience. In this case, you should use OAuth. Basically, you need to support the following workflow:

  • The user will have access to the .net reporting application.
  • he will redirect the user to the Rails application, where the user will be asked to provide access to his "data"
  • The user, after acceptance, will be redirected back to the .net application with the uuath token.

Here, the Rails application will be the server as the OAuth provider and the network application as the OAuth client.

This may seem redundant, but this approach has many advantages:

  • You can control which applications have access to user data.
  • clear separation of roles and auth
  • using industry standard OAuth will allow others to use your service.
  • There are many OAuth libraries that will help with other languages.
+1
source

A simple solution would be to have two applications in the same domain, but in separate subdomains, for example:

  • reporting.mydomain.com
  • login.mydomain.com

Then add a shared cookie (set the cookie domain to .mydomain.com ).

The ASP.NET application can then check your Rails login application (via the web service / REST API) to get the username and login status from the session ID.

Although I also think that OAuth is a great way to go, it would work :)

0
source

Source: https://habr.com/ru/post/1390100/

More articles:


All Articles