0

I have just watched the following video on Claims based authentication,

I would like to implement this in a few of our companies applications, However all the examples talk about Using Windows Azure Active Directory as an Identity Provider.

I would like to implement my own idP which the applications all query for a token.

obviously I can go and implement my own version, but I would like to try and conform to the asp.net default packages as much as I can, such as using the claims based client in all my applications.

Is there possibly a tutorial anyone knows of or simply a interface which I have to implement which will alow for my clients to successfully get a token from my idP.

Alternatively,

I dont know if there is maybe an open source project that implements a full idP / STS which I can host mys elf, and configure all the params I need to store about a user?

Currently I have implemented the Microsoft identity model and extended the Identity User and Identity Role to include all the info I need, Which has a web UI to manage all the users, but I now was to add the functionality to allow for other applications to authenticate them selves through this AuthenticationApplication

Zapnologica
  • 22,170
  • 44
  • 158
  • 253

1 Answers1

1

I would suggest you try Thinktecture IdentityServer v2. It is open source, supports many protocols such as Oauth2, WS-Federation, WS-Trust and it is easy to configure.

For more information about IdentityServer look at its github repository page. You can find guides on how to get started here

There is also v3 in active development. It has been rewritten from scratch using Katana and Web Api and implements OpenID connect, but it is not ready for production yet.

pepo
  • 8,644
  • 2
  • 27
  • 42
  • Thanks for your response, How commonly used is this project? Can I commit to this in hope that it will remain supported for the near future? – Zapnologica Jul 04 '14 at 05:54
  • Yes, it is actively developed. Many people use it including me. The reason that there are not many commits these days is that they are fully occupied with v3, but they still support v2 because it is the latest production ready version. – pepo Jul 04 '14 at 07:34
  • Would you recommend I go with v3 or v2? Implementing now for one or two internal applications, Nothing to serious. Im always a fan of the later technologies, however tutorials and how toes are probably abit limited. Can I do claims based auth with single sign on? – Zapnologica Jul 04 '14 at 07:46
  • v3 is in preview state right now meaning it is an alfa. You can use it to test and contribute. There are opened (TODO) issues so if you decide to go with it then consider implementing some of them. It will get done quicker that way :). I've been to a workshop recently where v3 has been used and it was working very well in the demos. For production, I would definitely go with v2 for now. Both versions support claims based auth and single sign on. – pepo Jul 04 '14 at 11:06