c# - How to unify authentication in complex legacy application? -


let me start saying i'm researching asp.net identity 2.2.1 , looking @ retro-fitting our legacy application. think 10+ years old, substantial amounts of classic asp remaining we're migrating away from.

we have following:

  • classic asp
  • .net web forms
  • .net web service asmx files
  • .net web api
  • srs2012 custom authentication

by customising each of these, we've been able share single username/password authentication mechanism give form of single sign on (sso) across our suite of applications.

we need upgrade , want solution involves little "roll own" code possible.

we need:

  • contemporary password hashing/salting scheme, asp.net identity's pbkdf2 attractive
  • support sso private networks of end-users running active directory, on windows 2008/2012 servers. have cooperation of it, , desire secure enough pass external security audit without requiring big investment end-user infrastructure.
  • we have primitive sso implemented functional now, running of our assemblies on several customers' local iis servers, need upgrade meet contemporary standards.
  • support legacy functionality, need able integrate classic asp , ssrs, believe in native mode supports .net 2.0 app pools.

i'm reasonably comfortable our application needs regarding authentication, password management , authorization, having got info on asp.net identity , experience our current architecture.

i'm in dark on lightweight way implement contemporary sso plays nicely active directory , asp.net identity. clients need adfs? need self-hosted component e.g. thinktecture identityserver? our own saml implementation? oauth2? openid?

by virtue of our asp.net web api, have oauth2 authentication happening using bearer tokens, it's not widespread


Comments

Popular posts from this blog

android - Pass an Serializable object in AIDL -

How to provide Authorization & Authentication using Asp.net, C#? -

How to use Authorization & Authentication in Asp.net, C#? -