locked
Forms Authentication and SSO RRS feed

 > 

  • Question

  • Question
    Sign in to vote
    0
    Sign in to vote
    User-342061962 posted

    Hi,

    I have an existing asp.net application. We are trying to build a SSO functionality into it where our client would SSO into our application using a link on their side.

    Our website uses forms authentication for all our users to login. In this scenario I get the username (authenticated user at client end) when the client user does an SSO but I need to bypass the authentication for the user to be able to navigate through our website. I maintian a mapping of usernames between the client and our database. Is it possible to authenticate the user without knowing his password?

    Wednesday, October 12, 2016 11:43 PM

Answers

  • Question
    Sign in to vote
    0
    Sign in to vote
    User283571144 posted

    Hi MGuser,

    MGuser

    Is it possible to authenticate the user without knowing his password?

    As far as I know, it is easily to achieve.

    For example, you use identity, you could use the usermanager to find the user by name.

    If you have a record then just sign them in.

    More details, you could refer to follow codes:

       var user = await UserManager.FindByNameAsync(name);// find user by name
        if (user != null)
        {
            await SignInManager.SignInAsync(user, true, true);//Sign in the user
        }

    But I think the most important thing is how to pass userid form SSO site to your web site.

    I suggest you could encrypt the userid content and pass it though post method.

    Best Regards,

    Brando

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Thursday, October 13, 2016 6:32 AM