MVC5 Identity & Security Mait Poska & Andres Käver, IT Kolledž 2014.

Slides:

Advertisements

Similar presentations

Extern name server - translates addresses of s messages - enables users to use aliases - … ID cards system - controls entrance to buildings,

Advertisements

Forms Authentication, Users, Roles, Membership Ventsislav Popov Crossroad Ltd.

Forms Authority Database Store Username and Passwords: ASP.NET framework allows you to control access to pages, classes, or methods based on username and.

WSO2 Identity Server Road Map

SharePoint 2010 Business Productivity: What's new for Developers in Microsoft SharePoint 2010 Matthew McDermott, MVP Aptillon, Able Blue

One Stop Mail Service Bhattacharya, Tonmoy, Bhattacharya, Tonmoy, Hariharan, Rama Krishnan, MS in Engineering Science,

Authenticating Users in an ASP.NET Application. Web Site Administration Tool From VS 2008, click Website/ ASP.Net Configuration to open Web Site Administration.

ASP.NET 2.0 Chapter 6 Securing the ASP.NET Application.

Managing Identity and Permissions

Integrating CRM On Demand with the E-Business Suite to Supercharge your Sales Team Presented by: Tom Connolly, Jason Lieberman Company: BizTech Session.

SIM205. (On-Premises) Storage Servers Networking O/S Middleware Virtualization Data Applications Runtime You manage Infrastructure (as a Service)

TWSd Configuring Tivoli Workload Scheduler Security 1of3

Sql Server Advanced Features MIS 424 Professor Sandvig.

Edwin Sarmiento Microsoft MVP – Windows Server System Senior Systems Engineer/Database Administrator Fujitsu Asia Pte Ltd

Session 11: Security with ASP.NET

Microsoft Azure Introduction ISYS 512. Microsoft Azure Microsoft Azure is a cloud.

© 2011 PLANET TECHNOLOGIES, INC. Extending User Profiles with Line of Business Data Patrick Curran, MCT FEBRUARY 24, 2013.

Telerik Software Academy ASP.NET Web Forms.

Philadelphia Area SharePoint User Group Building Customer/Partner Extranets Designing a Secure Extranet with Sharepoint 2007 Russ Basiura RJB Technical.

Goals One ASP.NET Membership story – Web APIs and Web Apps Profile. Extensibility allows for non SQL persistence model. Improve unit testability of.

Online Service 1. Authorization Request (Start URL) 2. Login page 3. Credentials 4. Authorization page 5. User decision 6. Authorization.

Module 5 Configuring Authentication. Module Overview Lesson 1: Understanding Classic SharePoint Authentication Providers Lesson 2: Understanding Federated.

In the web address box enter Enter your user ID (first and last initial 7 digit ID number) Select Log in.

Dr. Mustafa Cem Kasapbaşı Security in ASP.NET. Determining Security Requirements Restricted File Types.

Effective Security in ASP.Net Applications Jatin Sharma: Summer 2005.

1 Extending User Profiles with Line of Business Data Patrick Curran, MCT.

Grid Chemistry System Architecture Overview Akylbek Zhumabayev.

Empowering people-centric IT Unified device management Access and information protection Desktop Virtualization Hybrid Identity.

Identity Decision Tree Framework Quick Reference Guides.

Presented by: B2B Technologies B2B TECHNOLOGIES | PRESENTATION Use Case for Windows Azure Active Directory.

Module 11: Securing a Microsoft ASP.NET Web Application.

Slide 1 ASP Authentication There are basically three authentication modes Windows Passport Forms There are others through WCF You choose an authentication.

Federated Identity and Shibboleth Concepts Rick Summerhill Chief Technology Officer Internet2 GEC3 October 29, 2008 Slides by Nate Klingenstein

2. SQL Security Objectives –Learn SQL Server 2000 components Contents –Understanding the Authentication Process –Understanding the Authorization Process.

Claims-Based Identity Solution Architect Briefing zoli.herczeg.ro Taken from David Chappel’s work at TechEd Berlin 2009.

MEMBERSHIP AND IDENTITY Active server pages (ASP.NET) 1 Chapter-4.

Guide to course enrolment. Accessing the system First go to your intranet Aid Home.

 Registry itself is easy and straightforward in implementation  The objects of registry are actually complicated to store and manage  Objects of Registry.

Web Access. Overview  Purpose  Prerequisites  Install Components  Enable Virtual Directories  IIS Configuration & Security  Troubleshooting.

Access resources in a federation partner organization.

Adxstudio Portals Training

Configuring and Deploying Web Applications Lesson 7.

Identity & Security Andres Käver, IT Kolledž 2015.

ASP.NET Identity System

WEB-API & MVC5 - Identity & Security Mait Poska & Andres Käver, IT Kolledž 2014.

Identities and Azure AD Premium

Agenda  Microsoft Directory Synchronization Tool  Active Directory Federation Server  ADFS Proxy  Hybrid Features – LAB.

Introduction to Terra Dotta Applications Integration with Campus Data Systems for institutions beginning their software implementation.

SharePoint Authentication and Authorization

Stop Those Prying Eyes Getting to Your Data

ASP .NET MVC Authorization Training Videos

Security Basics and ASP.NET Support

Migrating SharePoint Add-ins from Azure ACS to Azure AD

CAS and Web Single Sign-on at UConn

WEB-API & MVC5 - Identity & Security

Creating Novell Portal Services Gadgets: An Architectural Overview

Common Security Mistakes

Cloud Connect Seamlessly

Authorization in Asp.Net Core

Introduction to Authentication Authentication සදහා හැදින්වීම

Agenda OAuth Concepts Programming OAuth.

ACS Deployment Scenarios

Matthew Levy Azure AD B2B vs B2C Matthew Levy

AD FS Integration Active Directory Federation Services (AD FS) 7.4

ASP.NET Core 2.0 Identity and Azure Active Directory

Implementing Security in ASP.NET Core: Claims, Patterns, and Policies

ASP.NET Authentication with Identity Jump Start

07 | Introduction to Authentication

FCL – Administration Tool

Presentation transcript:

MVC5 Identity & Security Mait Poska & Andres Käver, IT Kolledž 2014

Identity & Security  No Authentication All anonymous users  Individual User Accounts Forms authentication (SQL) Google, Facebook, Twitter, MS  Organizational Accounts Active directory Federation Services (Azure, Office 365)  Windows Authentication Intranet – no anonymous users 2

Request & User – set by framework  Request.IsAuthenticated  User.Identity.GetUserName()  User.IsInRole(“xxxxx”) (Request.IsAuthenticated) { using (Html.BeginForm("LogOff", "Account", FormMethod.Post, new { id = = "navbar-right" " + User.Identity.GetUserName() + "!", "Manage", "Account", routeValues: null, htmlAttributes: new { title = "Manage" }) Log off }

Authorize attribute  [Authorize] – controller or action method Only logged in users (redirect to login page)  [AllowAnonymous] Can override controllers [Authorize]  [Authorize(Users=“akaver, mposka”)]  [Authorize(Roles=“admin, sales”)] 4

Database 5

Core Identity  Microsoft.AspNet. Identity.Core 6

Identity Stored In SQL Server Microsoft.AspNet.Identity.EntityFramework 7

UserManager 8 var manager = new ApplicationUserManager( new UserStore ( context.Get () ) ); public class ApplicationUser : IdentityUser { public async Task GenerateUserIdentityAsync( UserManager manager) { var userIdentity = await manager.CreateIdentityAsync(this, DefaultAuthenticationTypes.ApplicationCookie); return userIdentity; } // Add custom fields here } public class ApplicationDbContext : IdentityDbContext { public ApplicationDbContext() : base("StudentDBConnection", throwIfV1Schema: false) { } public static ApplicationDbContext Create() { return new ApplicationDbContext(); }

External Logins 9

THE END Mait Poska & Andres Käver 10