Step by step how to implement Single Sign On with LDAP Active Directory?
I have Windows authentication with LDAP Active Directory. I have also created a few web sites hosted on my local server. Whenever I go to these websites, these web sites should automatically get logged in based on the Windows credentials and should also provide the facility for other user to log in by simply logging out.
I have tried to get system username and pass to LDAP To get user details by following code.
var username = System.Environment.GetEnvironmentVariable("USERNAME");
but that is not the solution I m looking for.
I also read about Kerberos and NTLM but I literally did not get any idea. I have also understood what is SSO means.
I would be happy if any one can give me step by step knowledge regarding how to make SSO work with Windows authentication in intranet applications.
c# asp.net-mvc active-directory single-sign-on windows-authentication
edited Jan 1 at 9:03
marc_s
578k12911161261
asked Jan 1 at 7:45
Akash WaghmareAkash Waghmare
62
add a comment |
I have Windows authentication with LDAP Active Directory. I have also created a few web sites hosted on my local server. Whenever I go to these websites, these web sites should automatically get logged in based on the Windows credentials and should also provide the facility for other user to log in by simply logging out.
I have tried to get system username and pass to LDAP To get user details by following code.
var username = System.Environment.GetEnvironmentVariable("USERNAME");
but that is not the solution I m looking for.
I also read about Kerberos and NTLM but I literally did not get any idea. I have also understood what is SSO means.
I would be happy if any one can give me step by step knowledge regarding how to make SSO work with Windows authentication in intranet applications.
c# asp.net-mvc active-directory single-sign-on windows-authentication
edited Jan 1 at 9:03
marc_s
578k12911161261
asked Jan 1 at 7:45
Akash WaghmareAkash Waghmare
62
For windows authentication to automatically log you in, the client machine should be in the same network domain and 'Windows Authentication' enabled in IIS. Is your website consumed outside the server's network domain?
– vibgy
Jan 1 at 9:36
Yes. any one from anywhere can access the website. If it is accessed from intranet then use 'Windows Authentication' credentials to automatically login otherwise redirect to log in page.
– Akash Waghmare
Jan 1 at 11:40
You can not achieve SSO by using LDAP authentication, even using SPNEGO (Kerberos / Windows integrated authentication) is kind of auto-login and not really SSO. Without a proper knowledge of the underlying technology you will never be able to implement it yourself. A step by step guide won't help as in kind of an error situation you have no chance to solve it yourself.
– Bernhard Thalmayr
Jan 1 at 19:47
add a comment |
I have Windows authentication with LDAP Active Directory. I have also created a few web sites hosted on my local server. Whenever I go to these websites, these web sites should automatically get logged in based on the Windows credentials and should also provide the facility for other user to log in by simply logging out.
I have tried to get system username and pass to LDAP To get user details by following code.
var username = System.Environment.GetEnvironmentVariable("USERNAME");
but that is not the solution I m looking for.
I also read about Kerberos and NTLM but I literally did not get any idea. I have also understood what is SSO means.
I would be happy if any one can give me step by step knowledge regarding how to make SSO work with Windows authentication in intranet applications.
c# asp.net-mvc active-directory single-sign-on windows-authentication
edited Jan 1 at 9:03
marc_s
578k12911161261
asked Jan 1 at 7:45
Akash WaghmareAkash Waghmare
62
I have Windows authentication with LDAP Active Directory. I have also created a few web sites hosted on my local server. Whenever I go to these websites, these web sites should automatically get logged in based on the Windows credentials and should also provide the facility for other user to log in by simply logging out.
I have tried to get system username and pass to LDAP To get user details by following code.
var username = System.Environment.GetEnvironmentVariable("USERNAME");
but that is not the solution I m looking for.
I also read about Kerberos and NTLM but I literally did not get any idea. I have also understood what is SSO means.
I would be happy if any one can give me step by step knowledge regarding how to make SSO work with Windows authentication in intranet applications.
c# asp.net-mvc active-directory single-sign-on windows-authentication
c# asp.net-mvc active-directory single-sign-on windows-authentication
edited Jan 1 at 9:03
marc_s
578k12911161261
asked Jan 1 at 7:45
Akash WaghmareAkash Waghmare
62
edited Jan 1 at 9:03
marc_s
578k12911161261
asked Jan 1 at 7:45
Akash WaghmareAkash Waghmare
62
edited Jan 1 at 9:03
marc_s
578k12911161261
edited Jan 1 at 9:03
marc_s
578k12911161261
edited Jan 1 at 9:03
marc_s
578k12911161261
578k12911161261
asked Jan 1 at 7:45
Akash WaghmareAkash Waghmare
62
asked Jan 1 at 7:45
Akash WaghmareAkash Waghmare
62
asked Jan 1 at 7:45
Akash WaghmareAkash Waghmare
62
62
For windows authentication to automatically log you in, the client machine should be in the same network domain and 'Windows Authentication' enabled in IIS. Is your website consumed outside the server's network domain?
– vibgy
Jan 1 at 9:36
Yes. any one from anywhere can access the website. If it is accessed from intranet then use 'Windows Authentication' credentials to automatically login otherwise redirect to log in page.
– Akash Waghmare
Jan 1 at 11:40
You can not achieve SSO by using LDAP authentication, even using SPNEGO (Kerberos / Windows integrated authentication) is kind of auto-login and not really SSO. Without a proper knowledge of the underlying technology you will never be able to implement it yourself. A step by step guide won't help as in kind of an error situation you have no chance to solve it yourself.
– Bernhard Thalmayr
Jan 1 at 19:47
add a comment |
For windows authentication to automatically log you in, the client machine should be in the same network domain and 'Windows Authentication' enabled in IIS. Is your website consumed outside the server's network domain?
– vibgy
Jan 1 at 9:36
Yes. any one from anywhere can access the website. If it is accessed from intranet then use 'Windows Authentication' credentials to automatically login otherwise redirect to log in page.
– Akash Waghmare
Jan 1 at 11:40
You can not achieve SSO by using LDAP authentication, even using SPNEGO (Kerberos / Windows integrated authentication) is kind of auto-login and not really SSO. Without a proper knowledge of the underlying technology you will never be able to implement it yourself. A step by step guide won't help as in kind of an error situation you have no chance to solve it yourself.
– Bernhard Thalmayr
Jan 1 at 19:47
For windows authentication to automatically log you in, the client machine should be in the same network domain and 'Windows Authentication' enabled in IIS. Is your website consumed outside the server's network domain?
– vibgy
Jan 1 at 9:36
For windows authentication to automatically log you in, the client machine should be in the same network domain and 'Windows Authentication' enabled in IIS. Is your website consumed outside the server's network domain?
– vibgy
Jan 1 at 9:36
Yes. any one from anywhere can access the website. If it is accessed from intranet then use 'Windows Authentication' credentials to automatically login otherwise redirect to log in page.
– Akash Waghmare
Jan 1 at 11:40
Yes. any one from anywhere can access the website. If it is accessed from intranet then use 'Windows Authentication' credentials to automatically login otherwise redirect to log in page.
– Akash Waghmare
Jan 1 at 11:40
You can not achieve SSO by using LDAP authentication, even using SPNEGO (Kerberos / Windows integrated authentication) is kind of auto-login and not really SSO. Without a proper knowledge of the underlying technology you will never be able to implement it yourself. A step by step guide won't help as in kind of an error situation you have no chance to solve it yourself.
– Bernhard Thalmayr
Jan 1 at 19:47
You can not achieve SSO by using LDAP authentication, even using SPNEGO (Kerberos / Windows integrated authentication) is kind of auto-login and not really SSO. Without a proper knowledge of the underlying technology you will never be able to implement it yourself. A step by step guide won't help as in kind of an error situation you have no chance to solve it yourself.
– Bernhard Thalmayr
Jan 1 at 19:47
add a comment |
0
active
oldest
votes
Your Answer
StackExchange.ifUsing("editor", function () {
StackExchange.using("externalEditor", function () {
StackExchange.using("snippets", function () {
StackExchange.snippets.init();
});
});
}, "code-snippets");
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "1"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53993847%2fstep-by-step-how-to-implement-single-sign-on-with-ldap-active-directory%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
0
active
oldest
votes
0
active
oldest
votes
active
oldest
votes
active
oldest
votes
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53993847%2fstep-by-step-how-to-implement-single-sign-on-with-ldap-active-directory%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
For windows authentication to automatically log you in, the client machine should be in the same network domain and 'Windows Authentication' enabled in IIS. Is your website consumed outside the server's network domain?
– vibgy
Jan 1 at 9:36
Yes. any one from anywhere can access the website. If it is accessed from intranet then use 'Windows Authentication' credentials to automatically login otherwise redirect to log in page.
– Akash Waghmare
Jan 1 at 11:40
You can not achieve SSO by using LDAP authentication, even using SPNEGO (Kerberos / Windows integrated authentication) is kind of auto-login and not really SSO. Without a proper knowledge of the underlying technology you will never be able to implement it yourself. A step by step guide won't help as in kind of an error situation you have no chance to solve it yourself.
– Bernhard Thalmayr
Jan 1 at 19:47