Friday, 13 April 2018

0223 Maintain Security Passport Authentication

Passport Authentication
Passport authentication is a centralized authentication system provided by an authentication authority such as Microsoft, Google, Facebook or VeriSign. With this technique a website does not need to store user credentials; instead it relies on the Passport authentication service. When a user comes to log in to the website, the request is redirected to the Passport authentication authority for verification. The authority verifies the user's credentials and redirects back to the website with an indicator of whether the user is valid, along with some other information about the user. If the user is found valid, the website lets the user proceed to the home page and the other options.

A Passport authentication authority can serve a number of websites. It is a centralized system used by thousands of websites to verify the authentication of their users.

A number of Passport authentication providers are available nowadays; we will consider Microsoft single sign-on Passport authentication for this lesson.

The first thing you need to do is change the authentication mode in the web.config file to Passport.



<?xml version="1.0"?>
<configuration>
    <system.web>
        <compilation debug="true" targetFramework="4.0"/>
        <authentication mode="Passport">
            <passport redirectUrl="https://login.abcd.com"/>
        </authentication>
    </system.web>
</configuration>


The second step is to download the SDK from the Microsoft website and install it on your server. Passport authentication checks the user name, password and profile to identify an authorized user.

When Passport authentication is called, the process generates several cookies to hold information about the logged-in user. While these cookies are active you do not need to sign on again. For example, suppose you have logged in to a website with single sign-on and then closed your browser without signing out. If you open the browser again and enter the link of the website, you will notice that you are taken directly to the home page rather than to the login page; there is no need to sign in again. This is because the cookies generated at your first login are still active, and the website has used the same cookies again.




To avoid this situation, delete the cookies at sign-out. Each cookie has an expiry time; if you set the expiry time to now, the cookie expires instantly.

Here is an example of the same.

protected void btnSignOut_Click(object sender, EventArgs e)
{
    // Expire each Passport cookie that the browser actually sent with this request.
    // Setting Expires to the current time tells the browser to discard the cookie.
    if (Page.Request.Cookies["MSPSec"] != null)
    {
        Response.Cookies["MSPSec"].Expires = DateTime.Now;
    }

    if (Page.Request.Cookies["MSPAuth"] != null)
    {
        Response.Cookies["MSPAuth"].Expires = DateTime.Now;
    }

    if (Page.Request.Cookies["MSPProf"] != null)
    {
        Response.Cookies["MSPProf"].Expires = DateTime.Now;
    }
}
 
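The two halves of the flow described in this post, checking the provider's verdict when the user is redirected back and clearing the sign-in cookies at sign-out, as one page class. This is an added example, not code from the post; it assumes an ASP.NET Web Forms page built against .NET Framework 4.0 with the web.config above and the Passport SDK installed (so `System.Web.Security.PassportIdentity` is available), and the `Login.aspx` and `SignedOut.aspx` pages, the `lblUser` control and the cookie `Path` are assumptions.

```csharp
// Added example, not the post's own code. Assumes an ASP.NET Web Forms page with
// <authentication mode="Passport"/> in web.config and the Passport SDK installed.
using System;
using System.Web;
using System.Web.Security;
using System.Web.UI;

public partial class HomePage : Page
{
    // Cookie names the Passport service issues at sign-in (the three named in the post).
    private static readonly string[] PassportCookieNames = { "MSPSec", "MSPAuth", "MSPProf" };

    protected void Page_Load(object sender, EventArgs e)
    {
        // When the provider redirects back, the runtime exposes its verdict as a PassportIdentity.
        PassportIdentity identity = User.Identity as PassportIdentity;

        // Belt-and-braces check: never render the home page on a missing ticket or one the
        // provider did not confirm, even if the page was reached without the runtime redirect.
        if (identity == null || !identity.IsAuthenticated)
        {
            Response.Redirect("~/Login.aspx");   // assumed page that carries the provider sign-in link
            return;
        }

        // The site never stores a password; it only shows the identifier the provider returned.
        // Encode it before writing it into the page, as with any value that came from outside.
        lblUser.Text = Server.HtmlEncode(identity.Name);   // lblUser is an assumed Label control
    }

    protected void btnSignOut_Click(object sender, EventArgs e)
    {
        // Drop server-side state tied to this sign-in before clearing the cookies.
        Session.Abandon();

        foreach (string name in PassportCookieNames)
        {
            ExpireCookie(name);
        }

        // Land on a page that needs no ticket, so the expired cookies are not immediately
        // replaced by a fresh redirect to the provider.
        Response.Redirect("~/SignedOut.aspx", false);   // assumed page
    }

    // Overwrite a cookie with an empty value and a date firmly in the past.
    // A past date, rather than DateTime.Now, still works when the browser's clock runs a
    // few seconds behind the server's; the Path must match the one the cookie was issued
    // with (assumed "/" here) or the browser keeps the original copy.
    private void ExpireCookie(string name)
    {
        // Only clear cookies the browser actually sent; touching Response.Cookies for an
        // absent name would create an empty cookie instead.
        if (Request.Cookies[name] == null)
        {
            return;
        }

        HttpCookie expired = new HttpCookie(name, string.Empty)
        {
            Expires = DateTime.Now.AddDays(-1),
            Path = "/"
        };
        Response.Cookies.Add(expired);
    }
}
```

The check in `Page_Load` is deliberately redundant with the runtime's own redirect to `redirectUrl`: a page that verifies its identity itself keeps working if the configuration is later changed or the page is reached through a path the runtime does not protect. The sign-out handler differs from the post's only in expiring the cookies in the past and setting the path explicitly, which are the two details that most often leave a "deleted" cookie alive in the browser.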
Now, if you try to test the application locally, you will find that the application redirects to the authentication provider's login page; you have to enter valid credentials, and then you are directed back to your website. Because your website URL and your localhost URL are not the same, you will get an error. To test single sign-on, you have to host your website on a web server with a proper URL, where the redirection addresses are accessible globally.