none
Help - Azure ADFS integration into Existing Asp.net Webforms

    Question

  • Good Day,

    I request your help, assistance or guidence on the following.

    I have an existing Asp.net Webforms application.  Our company now requires that I Integrate Azure ADFS into the application.

    The application at this moment holds no authentication.  Can you kindly advise me of a resource online or explain to me step by step how to achieve this?  Which nuget packages to install, etc.  I found some resources online BUT these resources specifically talks about Integration to ASP.NET MVC.

    Your assistance would greatly be appreciated.

    Kind Regardfs

    Mohamed.


    AMI.NET

    Sunday, March 26, 2017 12:08 PM

Answers

  • Ok So either the team did not understand my question or they just randomly pointed me in a direction that i simply did not want to be.

    None the less - here is my SOLUTION to my own question.

    HOW TO ADD AZURE ADFS TO AN EXISTING ASP.NET WEBFORMS

    Written by: Mohamed Ameerodien

    Year 2017

    Revision 1

    Securing a web application (MVC or Webforms) with Azure ADFS (Active Directory Federation Services) is rather easy.  Or so it may seem.  Most research or tutorials online will show you how to quickly get up and running. 

    They fire up visual studio, create a new project and answer a few questions on the built in wizards.  Simple enough right?  Well yeah it is simple, If you create a new application.

    HOWEVER, what about us who have an existing web application.  What are the steps to follow? What wizards do I fire up at this stage?  All valid questions.  After digging deeply here is my solution that worked for, and I am pretty sure it will be beneficial to many of you.

    So let’s get to it. 

    1.        Open you project.  In my instance I am going to create a new EMPTY web application.
    2.        Let’s now either install or update some nugget packages
      1.        Install-package Microsoft.Owin
      2.       Install-package Microsoft.Owin.Host.SystemWeb
      3.        Install-package Microsoft.Owin.Security
      4.       Install-package Microsoft.Owin.Security.Cookies
    3.        Add an OWIN startup class file to your solution. 

    Right click the solution >> add >> new item

    A dialog box will appear, in the search box, type: OWIN


    Call the file Startup.cs.


    Now paste the following code into this file:

    using System;

    using System.Threading.Tasks;

    using Microsoft.Owin;

    using Owin;

    using Microsoft.Owin.Extensions;

    using Microsoft.Owin.Security;

    using Microsoft.Owin.Security.Cookies;

    using Microsoft.Owin.Security.WsFederation;

    using System.Configuration;

    [assembly: OwinStartup(typeof(Integrate_to_Azure___Existing_Webforms_Project.Startup))]

    namespace Integrate_to_Azure___Existing_Webforms_Project

    {

        public class Startup

        {

            private static string realm = ConfigurationManager.AppSettings["ida:Wtrealm"];

            private static string adfsMetadata = ConfigurationManager.AppSettings["ida:ADFSMetadata"];

            public void Configuration(IAppBuilder app)

            {

                // For more information on how to configure your application, visit http://go.microsoft.com/fwlink/?LinkID=316888

                app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);

                app.UseCookieAuthentication(new CookieAuthenticationOptions());

                app.UseWsFederationAuthentication(

                    new WsFederationAuthenticationOptions

                    {

                        Wtrealm = realm,

                        MetadataAddress = adfsMetadata

                    });

                // This makes any middleware defined above this line run before the Authorization rule is applied in web.config

                app.UseStageMarker(PipelineStage.Authenticate);

            }

        }

    }

    Amend the highlighted values with that of your project.  The namespace and the project name.

    Now open your WEB.CONFIG file

    1.        Locate the Configuration tag
      1.        Under Configuration add:

      <appSettings>

        <add key="ida:ADFSMetadata" value="https://adfs.yourdomain.com/FederationMetadata/2007-06/FederationMetadata.xml" />

        <add key="ida:Wtrealm" value="https://yourdomain.azurewebsites.net" />

      </appSettings>

     

    2.  Locate <System.Web> tag >> add

        <authorization>

          <deny users="?" />

        </authorization>

     

    1.        Add this code following the </System.Web> closing tag

    <system.webServer>

        <modules>

          <remove name="FormsAuthentication" />

        </modules>

      </system.webServer>

     

     

     

    And that’s it.  Following these steps worked form.

    If you compile and run your solution it should take you to the authentication page.


    AMI.NET

    Friday, March 31, 2017 9:08 AM

All replies

  • Ok So either the team did not understand my question or they just randomly pointed me in a direction that i simply did not want to be.

    None the less - here is my SOLUTION to my own question.

    HOW TO ADD AZURE ADFS TO AN EXISTING ASP.NET WEBFORMS

    Written by: Mohamed Ameerodien

    Year 2017

    Revision 1

    Securing a web application (MVC or Webforms) with Azure ADFS (Active Directory Federation Services) is rather easy.  Or so it may seem.  Most research or tutorials online will show you how to quickly get up and running. 

    They fire up visual studio, create a new project and answer a few questions on the built in wizards.  Simple enough right?  Well yeah it is simple, If you create a new application.

    HOWEVER, what about us who have an existing web application.  What are the steps to follow? What wizards do I fire up at this stage?  All valid questions.  After digging deeply here is my solution that worked for, and I am pretty sure it will be beneficial to many of you.

    So let’s get to it. 

    1.        Open you project.  In my instance I am going to create a new EMPTY web application.
    2.        Let’s now either install or update some nugget packages
      1.        Install-package Microsoft.Owin
      2.       Install-package Microsoft.Owin.Host.SystemWeb
      3.        Install-package Microsoft.Owin.Security
      4.       Install-package Microsoft.Owin.Security.Cookies
    3.        Add an OWIN startup class file to your solution. 

    Right click the solution >> add >> new item

    A dialog box will appear, in the search box, type: OWIN


    Call the file Startup.cs.


    Now paste the following code into this file:

    using System;

    using System.Threading.Tasks;

    using Microsoft.Owin;

    using Owin;

    using Microsoft.Owin.Extensions;

    using Microsoft.Owin.Security;

    using Microsoft.Owin.Security.Cookies;

    using Microsoft.Owin.Security.WsFederation;

    using System.Configuration;

    [assembly: OwinStartup(typeof(Integrate_to_Azure___Existing_Webforms_Project.Startup))]

    namespace Integrate_to_Azure___Existing_Webforms_Project

    {

        public class Startup

        {

            private static string realm = ConfigurationManager.AppSettings["ida:Wtrealm"];

            private static string adfsMetadata = ConfigurationManager.AppSettings["ida:ADFSMetadata"];

            public void Configuration(IAppBuilder app)

            {

                // For more information on how to configure your application, visit http://go.microsoft.com/fwlink/?LinkID=316888

                app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);

                app.UseCookieAuthentication(new CookieAuthenticationOptions());

                app.UseWsFederationAuthentication(

                    new WsFederationAuthenticationOptions

                    {

                        Wtrealm = realm,

                        MetadataAddress = adfsMetadata

                    });

                // This makes any middleware defined above this line run before the Authorization rule is applied in web.config

                app.UseStageMarker(PipelineStage.Authenticate);

            }

        }

    }

    Amend the highlighted values with that of your project.  The namespace and the project name.

    Now open your WEB.CONFIG file

    1.        Locate the Configuration tag
      1.        Under Configuration add:

      <appSettings>

        <add key="ida:ADFSMetadata" value="https://adfs.yourdomain.com/FederationMetadata/2007-06/FederationMetadata.xml" />

        <add key="ida:Wtrealm" value="https://yourdomain.azurewebsites.net" />

      </appSettings>

     

    2.  Locate <System.Web> tag >> add

        <authorization>

          <deny users="?" />

        </authorization>

     

    1.        Add this code following the </System.Web> closing tag

    <system.webServer>

        <modules>

          <remove name="FormsAuthentication" />

        </modules>

      </system.webServer>

     

     

     

    And that’s it.  Following these steps worked form.

    If you compile and run your solution it should take you to the authentication page.


    AMI.NET

    Friday, March 31, 2017 9:08 AM
  • You are missing a package install:

    Install-package Microsoft.Owin.Security.WsFederation

    Thursday, January 18, 2018 9:15 PM