SSO OAuth with Username And Password

Siddhant Singh 5 Reputation points
2024-07-18T11:09:23.7433333+00:00

I have a web application whose Admin portal is developed in ASP.NET Web Forms on one domain, and the Public portal of the same application is in ASP.NET 8 (.NET Core) on another domain. The database is the same for both, and currently I log in with a username and password and validate them against the SQL Server database. Now I have to achieve SSO with OAuth here. But by SSO I do not mean login with Google or Facebook only. I need to continue the same phase: login with username and password. If it succeeds, then log in to both domains, Admin side and Public side, so there is no need to log in to them separately. Is this possible with SSO OAuth? If yes, then please help me with a code reference. If not, then what other approach can I use to complete this? In the end, I have to log in to both domains with a one-time login using my username and password, and the username and password are in the SQL Server DB.


2 answers

  1. AgaveJoe 30,126 Reputation points
    2024-07-18T12:03:44.2233333+00:00

    OAuth has several flows; the one for browser-based applications uses a standalone authentication application referred to as an identity provider. The web applications redirect unauthenticated requests to the identity provider to log in. Once logged in, the identity provider returns an authentication cookie to the browser, then redirects the browser back to the original web site, passing a token. The original web site receives the token, validates the token, and uses the token to create an authentication cookie of its own.

    At this point the browser has two authentication cookies, one from the identity provider site and one from the original web site. If the user goes to a second SSO web site, the same process happens. The browser is redirected to the identity provider. But this time the browser already contains a valid authentication cookie from the identity provider. The browser passes the cookie to the identity provider, which reads the cookie and redirects back to the second SSO web site, passing a token. Logic in the second site reads the token and creates an authentication cookie for the second SSO site.

    Another way to do SSO in IIS is sharing an authentication cookie. Keep in mind, this approach has nothing to do with OAuth.

    https://learn.microsoft.com/en-us/aspnet/core/security/cookie-sharing?view=aspnetcore-8.0

    OAuth has several flows which are well documented.

    https://learn.microsoft.com/en-us/entra/identity-platform/v2-oauth2-auth-code-flow

    The OAuth flows are determined by the client type that requires authentication. The link above covers the flows.


  2. Bruce (SqlWork.com) 77,686 Reputation points Volunteer Moderator
    2024-07-18T15:56:13.1466667+00:00

    you don't specify your current authentication method, but oauth is commonly used for SSO.

    • to implement oauth you need an oauth server. the Microsoft option is azure ad, but you can use identity server, though it's no longer free: https://duendesoftware.com/products/identityserver
    • in webforms you add owin and oauth middleware support
    • in asp.net core you use the oauth middleware
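
The redirect flow described in the answers above, sketched for the ASP.NET Core 8 public portal as an added example (not code from either answer or from Microsoft's documentation). It assumes the identity provider speaks OpenID Connect and is the only place the username and password are checked against the SQL Server database; the authority URL, client id and configuration key are hypothetical placeholders.

```csharp
// Program.cs for the ASP.NET Core 8 public portal (added example).
// Requires the Microsoft.AspNetCore.Authentication.OpenIdConnect NuGet package.
using System.Security.Claims;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Authentication.OpenIdConnect;

var builder = WebApplication.CreateBuilder(args);

builder.Services
    .AddAuthentication(options =>
    {
        // The site's own cookie is the local session; challenges redirect to the IdP.
        options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
        options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
    })
    .AddCookie(options =>
    {
        options.Cookie.HttpOnly = true;                          // not readable from script
        options.Cookie.SecurePolicy = CookieSecurePolicy.Always; // HTTPS only
        options.Cookie.SameSite = SameSiteMode.Lax;              // still sent on links from the admin domain
    })
    .AddOpenIdConnect(options =>
    {
        options.Authority = "https://login.example.test";  // hypothetical IdP URL
        options.ClientId = "public-portal";                // hypothetical client registration
        options.ClientSecret = builder.Configuration["Oidc:ClientSecret"]; // hypothetical key, kept out of source
        options.ResponseType = "code";                     // authorization code flow
        options.UsePkce = true;                            // binds the code to this browser session
        options.GetClaimsFromUserInfoEndpoint = true;
        options.SaveTokens = false;                        // keep IdP tokens out of the session cookie
        options.Scope.Clear();
        options.Scope.Add("openid");
        options.Scope.Add("profile");
    });
builder.Services.AddAuthorization();

var app = builder.Build();
app.UseHttpsRedirection();
app.UseAuthentication();
app.UseAuthorization();

app.MapGet("/", () => "Public portal");
// Unauthenticated requests are redirected to the IdP, then returned with a local cookie.
app.MapGet("/account", (ClaimsPrincipal user) => $"Signed in as {user.Identity?.Name}")
   .RequireAuthorization();
// Sign out of both the local cookie and the IdP session, or SSO silently logs the user back in.
app.MapGet("/logout", () => Results.SignOut(
    new AuthenticationProperties { RedirectUri = "/" },
    new[] { CookieAuthenticationDefaults.AuthenticationScheme, OpenIdConnectDefaults.AuthenticationScheme }));
app.Run();
```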
