c# - How to unify authentication in complex legacy application? -
let me start saying i'm researching asp.net identity 2.2.1 , looking @ retro-fitting our legacy application. think 10+ years old, substantial amounts of classic asp remaining we're migrating away from.
we have following:
- classic asp
- .net web forms
- .net web service asmx files
- .net web api
- srs2012 custom authentication
by customising each of these, we've been able share single username/password authentication mechanism give form of single sign on (sso) across our suite of applications.
we need upgrade , want solution involves little "roll own" code possible.
we need:
- contemporary password hashing/salting scheme, asp.net identity's pbkdf2 attractive
- support sso private networks of end-users running active directory, on windows 2008/2012 servers. have cooperation of it, , desire secure enough pass external security audit without requiring big investment end-user infrastructure.
- we have primitive sso implemented functional now, running of our assemblies on several customers' local iis servers, need upgrade meet contemporary standards.
- support legacy functionality, need able integrate classic asp , ssrs, believe in native mode supports .net 2.0 app pools.
i'm reasonably comfortable our application needs regarding authentication, password management , authorization, having got info on asp.net identity , experience our current architecture.
i'm in dark on lightweight way implement contemporary sso plays nicely active directory , asp.net identity. clients need adfs? need self-hosted component e.g. thinktecture identityserver? our own saml implementation? oauth2? openid?
by virtue of our asp.net web api, have oauth2 authentication happening using bearer tokens, it's not widespread
Comments
Post a Comment