[Tutorial] Single Sign On for ASP.NET MVC4 Web Applications with WSO2 Identity Server

Products
Technology for your digital platform that you can run yourself, in a private cloud, or as SaaS.
API Management
Integration
Identity & Access Management
Your Digital Platform, as a Service
Platform
- Your internal developer platform as a service to quickly deliver applications.
Solutions
By Technology
- API Management
  Solutions to deliver your APIs in any environment.
- Integration
  Break down data silos, streamline workflows, and unlock insights.
- Identity & Access Management
  Create secure, unique, and compelling digital experiences with ease.
  
  Customer IAM
  
  For Consumers (B2C)
  
  For B2B Applications (B2B CIAM)
  
  For Citizens (G2C)
  
  Workforce IAM
  
  API Access Management
By Industry
- Healthcare
  Provide awesome digital experiences for payers, providers, and patients.
- Finance
  Deliver secure financial experiences at speed.
- Government
  Deliver secure and simplified digital services for governments and citizens.
Featured Blog
- Implementing an Event-Driven GraphQL BFF with Real-Time Notifications
  Read Blog
Resources
- Training and Certification
- Events
Featured Whitepaper
- Transactions in a Microservice World
  Read Whitepaper
Support
- Subscription
  Learn About the Benefits of a WSO2 Subscription for Commercial Use.
- Updates
  Maintain the health and security of your solution.
- Consulting Services
  A full range of services to help you get the most out of your WSO2 project.
Featured Blog
- Self Manage Your WSO2 Support Portal Users
  Read Blog
Company
- About WSO2
  Learn about who we are and our journey.
- Team
  The people behind our innovative technologies.
- Customers
  See how we’ve helped leading enterprises from around the world.
- Careers
  Discover how you can make an impact.
- Partners
  Learn about the benefits of partnering with us.
- News
  The latest updates and insights.
Customer Spotlight
- YOMA x WSO2: Building Better Banking Relationships
  Read Case Study
Community
Contact Us
EN
- French
- German
- Portuguese
- Spanish
Profile

Imesh Gunaratne
Solutions Architect - WSO2

Archived Content

This article is provided for historical perspective only, and may not reflect current conditions. Please refer to relevant product page for more up-to-date product information and resources.

Introduction

Single Sign On (SSO) can be configured for ASP.NET MVC4 web applications using different approaches; Federated Authentication (Passive STS), SAML2, OAuth, Open ID, etc. Windows Identity Foundation (WIF) provides features for configuring SSO with Federated Authentication [2]; however, other approaches were not supported by WIF at the time of publishing this article.

Configure WSO2 Identity Server (IS)

Extract WSO2 IS 5.0.0 distribution and apply the service pack 1.
Start WSO2 IS server extracted above.
Login to WSO2 IS management console (UI):

https://localhost:9443/carbon
Add a new Service Provider:
A Service Provider in WSO2 IS represents a web application that needs SSO. Provide Mvc4SingleSignOnSAML2 as the service provider name and a meaningful description.

Figure 01

Configure SAML2 Inbound Authentication: Go to Identity -> Service Providers -> List and Edit the above created Service Provider, expand the Inbound Authentication Configuration section and click on Configure:

Figure 02
Provide SAML configuration:

Figure 03

Issuer	Mvc4SingleSignOnSAML2
Assertion Consumer URL	https://localhost:51481/SAML/AssertionConsumerService
Audience/Recipient	https://localhost:9444/oauth/token

Rename Resident Identity Provider in Identity Server: localhost -> wso2is
Go to Identity Providers list and click on Resident Identity Provider:

Figure 04

Set Identity Provider Entity ID to wso2is:

Figure 05

Configure API Manager

Extract API Manager distribution and set port offset to 1.
Start API Manager instance and login to Management Console:

https://localhost:9444/carbon
Create an Identity Provider in API Manager:
Login to API Manager management console and click on Add Identity Provider:

Figure 06

Once Identity Provider is created configure SAML2 Web SSO settings:

Figure 07

Checkout sample ASP.NET MVC4 web application from the following Git repository:

git clone https://github.com/imesh/asp-net-mvc4-sso.git

Upload wso2carbon.cer SSL certificate found in the below location to the above Identity Provider:

[asp-net-mvc4-sso]\Mvc4SingleSignOnSAML2\wso2carbon.cer

Run TicketsApi Web APIM

Open TicketsApi web API in Visual Studio 2012:
[asp-net-mvc4-sso]\TicketsApi\TicketsApi.csproj
Run the above web api in debug mode.

Publish TicketsApi through API Manager

Figure 08

Endpoint URL:

https://localhost:2423/api/tickets

Tickets API URL:

https://localhost:8281/tickets/v1.0.0

Log into API Store and subscribe to Tickets API. Afterwards generate Consumer Key and Consumer Secret.

Configure and Run Mvc4SingleSignOnSAML2 Web Application

Open TicketsApi web api in Visual Studio 2012:
[asp-net-mvc4-sso]\Mvc4SingleSignOnSAML2\Mvc4SingleSignOnSAML2.csproj
Set Token API endpoint, Consumer Key, Consumer Secret and Tickets API endpoint in Web.config file:

Figure 09

Run the above web api in debug mode.

Access Mvc4SingleSignOnSAML2 Web Application in a Web Browser

https://localhost:51481/

References

[1] Windows Identity Foundation, MSDN Library
[2] Passive Authentication for ASP.NET with WIF, MSDN Magazine

Implementing an Event-Driven GraphQL BFF with Real-Time Notifications

Transactions in a Microservice World

Self Manage Your WSO2 Support Portal Users

YOMA x WSO2: Building Better Banking Relationships

[Tutorial] Single Sign On for ASP.NET MVC4 Web Applications with WSO2 Identity Server

Introduction

Configure WSO2 Identity Server (IS)

Configure API Manager

Run TicketsApi Web APIM

Publish TicketsApi through API Manager

Configure and Run Mvc4SingleSignOnSAML2 Web Application

References

About Author

API Management

Integration

IAM

Internal Developer Platform

Solutions

Resources

Support

Company

Follow us