Scenario: I work for an entreprise that have multiple internal applications, each application manage it's own users accounts. So the users have an account for each application. Now, the time to get ride of all this mess has arrived. And I'm in charge to look for an alternative way where the users have only one account to use in all applications. Knowing that not all users have an AD account.
I've done some research to try to identify which solution to adopt for our case, and i've found that there are several ways to do this, but i'm still confuse since it is the first time where I'm in front of this issue. some of the proposed solutions are: ADFS and SQL CLR.
So, could you please help me taking the best choice, in order to implement a single solution that manage users accounts?
The target solution have to meet the bellow requirements:
- Managing authentication for AD and Non-AD Users (stored in a DB)
- Managing non-AD users passwords (expiration...)
My actual idea is the develop a webapi app that communicate with both AD and a SQL DB (for non-AD users) and returns the user information, and each application will have an authentication module where the access logic is implemented.
Is there any built-in services that can manage that?
