OAuth2 SSO implementation using ADFS in MVC4 with Owin Oauth middleware

1
votes

In simple My only requirements are to implement SSO in my application:

  1. Use ADFS 2012 R2 for SSO (OAuth2 protocol).

  2. User will get token using oAUth 2.0 VIA ADFS Server using login prompt for credential or what ever authentication scheme is configured on ADFS form based or windows based.

  3. If same user that is authenticated using oAuth for one application if second application want to use the same user then the login box that ADFS presented using oAUth2.0 should not appear.

Now, please help me how OWIN.SECURITY.OAuth or any other oAuth will help me and what is the best way to implement in MVC web application. Please provide sample applicaiton.

1
asp.net-mvcasp.net-mvc-4oauthowinadfs

1 Answers

2
votes

ADFS 2012 R2 only supports public clients. Web sites are confidential clients, hence you cannot perform an OAuth2 authorization grant with ADFS 2012 R2. But you should not be too bummed, given that an OAuth2 authorization grant would not give you SSO anyway - OAuth2 is not a sign on protocol. If you want to perform web sign on using OAuth-like technology, I recommend you consider OpenID Connect and the ADFS version that comes with Windows Server 2016 (currently in technical preview 4).