0

We have an existing MVC application with Episerver CMS 10. That application performs well, but we now have a requirement to implement ADFS in the existing application. I checked different links on the internet regarding this. I can see that it is straightforward for a new application, but I can't find a clear guide on how to implement it with an existing application. We have a lot of existing users on the website using SQL Server membership and AD authentication. How will it behave with ADFS? Please provide me with a correct guide and links for this.

  • 1
    Welcome to SO. Could you describe your issue in more detail, please? E.g. by adding the related commands, code snippets or configuration infos... Otherwise your issue might be classified as off-topic as defined in the [Help Center](https://stackoverflow.com/help/dont-ask). Thanks. – CKE Sep 11 '18 at 07:11
  • This link might be helpful https://world.episerver.com/blogs/K-Khan-/Dates/2017/10/migrate-from-sql-membership-to-asp-net-identity/ – Johan Petersson Sep 11 '18 at 11:02

2 Answers

1

I'm guessing you want to continue to use both SQL users and AD users(?).

First migrate to AspNetIdentity as described here: https://world.episerver.com/blogs/K-Khan-/Dates/2017/10/migrate-from-sql-membership-to-asp-net-identity/.

Then you can add authentication with ADFS as described here: https://hacksbyme.net/2017/05/07/single-sign-on-to-episerver-with-adfs-using-owin/

Finally add the possibility to login with both AD users, and local SQL users: https://hacksbyme.net/2017/05/11/mixed-mode-owin-authentication-for-episerver-editors/

Erik H
  • Hi Erik, Thank you for your reply. I am implementing same solution and it looks like I am on correct path. :) It is really helpful – Amol Kothawade Oct 01 '18 at 11:44
  • Hi, after implementing, I am getting the following error: IDX10214: Audience validation failed. Audiences: 'https://". Did not match: validationParameters.ValidAudience: 'https://' or validationParameters.ValidAudiences: 'null'. Please help me with this – Amol Kothawade Oct 03 '18 at 06:58
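
Added example, not code from this thread or from the linked posts: a minimal OWIN startup for WS-Federation sign-in against ADFS that takes the realm and the accepted audience from one constant, since IDX10214 is raised when the audience in the issued token differs from `ValidAudience`. The host names and the realm URI are placeholders, and the `using` for `TokenValidationParameters` assumes the Katana 3.x packages.

```csharp
using System.IdentityModel.Tokens; // Katana 4.x: Microsoft.IdentityModel.Tokens
using Microsoft.Owin.Security;
using Microsoft.Owin.Security.Cookies;
using Microsoft.Owin.Security.WsFederation;
using Owin;

public class Startup
{
    // Placeholder. Must equal the relying party trust identifier registered
    // in ADFS character for character (scheme, host, case, trailing slash).
    private const string Realm = "https://cms.example.test/";

    // Placeholder ADFS host. Fetch federation metadata over HTTPS only, so the
    // token signing certificates cannot be swapped in transit.
    private const string MetadataAddress =
        "https://adfs.example.test/FederationMetadata/2007-06/FederationMetadata.xml";

    public void Configuration(IAppBuilder app)
    {
        // The federated identity is persisted in a cookie after sign-in.
        app.SetDefaultSignInAsAuthenticationType(
            WsFederationAuthenticationDefaults.AuthenticationType);

        app.UseCookieAuthentication(new CookieAuthenticationOptions
        {
            AuthenticationType = WsFederationAuthenticationDefaults.AuthenticationType
        });

        app.UseWsFederationAuthentication(new WsFederationAuthenticationOptions
        {
            MetadataAddress = MetadataAddress,
            Wtrealm = Realm, // sent to ADFS as the wtrealm parameter

            TokenValidationParameters = new TokenValidationParameters
            {
                // Keep audience validation on: it is what stops a token that
                // ADFS issued for a different relying party from being
                // accepted by this site.
                ValidateAudience = true,
                // Same constant as Wtrealm, so the value requested and the
                // value accepted cannot drift apart.
                ValidAudience = Realm
            }
        });
    }
}
```

The IDX10214 text prints both sides of the comparison (`Audiences` from the token, `ValidAudience` from the application), so the two strings can be compared directly against the identifier on the relying party trust in ADFS.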
0

ADFS will only authenticate against users in AD (or with LDAP in ADFS 4.0).

To integrate this into your application, you need a client side protocol stack.

If you are using ADFS 4.0, refer to this and this.

rbrayb