Protect 2 different web applications with one identity service

Identity Service: Thinktecture V2 Identity Service



Application 1: ASP.NET MVC 5 application
Application 2: ASP.NET Web API application

The above Application 1 and Application 2 are different projects and are hosted on different servers. Now my scenarios:

1. Want to protect application 1 with an identity service.
2. Want to protect application 2 with an identity service.


Use case 1: If the user accesses Application 1, he should be redirected to the login page of the authentication service; as soon as I have entered the credentials and entered Application 1, the same token should allow me to access Application 2.
Use case 2: If the user tries to access any API from Application 2 without entering the identity service, the request should be denied.


Ok. . , , . IdentityServer, Token Type RP JWT:

MVC 5 (. , , ), -API. -api, , Microsoft JwtSecurityTokenHandler. ValidateToken(), 2 , , -API, -, , IdentityServer :

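validationParams = new TokenValidationParameters
            {
                // Accept only tokens issued for one of the configured audiences (relying parties).
                AllowedAudiences = _allowedAudiencesAndSigningKeys.Select(x => x.Key),
                // The token's issuer must match the identity service named in appSettings.
                ValidIssuer = ConfigurationManager.AppSettings["IssuerIdentity"],
                ValidateIssuer = true,
                // One symmetric signing key per audience, stored Base64-encoded.
                SigningTokens = _allowedAudiencesAndSigningKeys.Select(x => new BinarySecretSecurityToken(Convert.FromBase64String(x.Value)))
            };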

()/ (), , ( ) () , , , . ValidateToken() ClaimsPrincipal , . :

public static void Configure(HttpConfiguration config)
{
    var authNConfig = new AuthenticationConfiguration();
    // Run the token validation handler on every incoming Web API request.
    config.MessageHandlers.Add(new MyTokenValidationHandler());
}
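One way a message handler like the one registered above could enforce use case 2, as an added example that is not the answerer's code. The class name `JwtBearerValidationHandler` and its constructor are hypothetical, and it assumes the 1.0-era `JwtSecurityTokenHandler` whose `ValidateToken(string, TokenValidationParameters)` returns a `ClaimsPrincipal`, matching the `AllowedAudiences`/`SigningTokens` properties used above.

```csharp
using System;
using System.IdentityModel.Tokens;
using System.Net;
using System.Net.Http;
using System.Security.Claims;
using System.Threading;
using System.Threading.Tasks;
using System.Web;

// Hypothetical handler (name and constructor are assumptions, not from the page).
public class JwtBearerValidationHandler : DelegatingHandler
{
    private readonly TokenValidationParameters _validationParams;

    // Takes the parameters built as in the TokenValidationParameters snippet above.
    public JwtBearerValidationHandler(TokenValidationParameters validationParams)
    { _validationParams = validationParams; }

    protected override Task<HttpResponseMessage> SendAsync(
        HttpRequestMessage request, CancellationToken cancellationToken)
    {
        var header = request.Headers.Authorization;
        // Use case 2: no "Authorization: Bearer <jwt>" header means no access.
        if (header == null || string.IsNullOrEmpty(header.Parameter)
            || !string.Equals(header.Scheme, "Bearer", StringComparison.OrdinalIgnoreCase))
            return Deny(request);

        try
        {
            // Checks signature, issuer and audience against the configured values.
            ClaimsPrincipal principal =
                new JwtSecurityTokenHandler().ValidateToken(header.Parameter, _validationParams);
            Thread.CurrentPrincipal = principal;
            if (HttpContext.Current != null)
                HttpContext.Current.User = principal;
        }
        catch (Exception)
        {
            // Fail closed: malformed, expired or wrongly signed tokens all get 401.
            return Deny(request);
        }
        return base.SendAsync(request, cancellationToken);
    }

    private static Task<HttpResponseMessage> Deny(HttpRequestMessage request)
    {
        return Task.FromResult(request.CreateResponse(HttpStatusCode.Unauthorized));
    }
}
```

Because the handler runs before routing, every controller in the Web API project is covered without needing an `[Authorize]` attribute on each action.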

, SAML. , Identity Server, - ( ). - , , .

.


Source: https://habr.com/ru/post/1544268/

