I am attempting to create a single sign on SharePoint portal. I have tried a variety of methods so if someone has a better suggestion then I am all ears, but I am attempting to do this via claims based authentication. I have a SharePoint Web Service site set up with a Security Token Service running. It is currently being used by other SharePoint sites on my SharePoint server and works fine. What I am attempting to do is utilize this same Security Token Service to issue tokens to Web Applications to be used as claims to achieve single sign on for these Web Applications from my SharePoint portal.

Firstly, is this possible?

Second, how do I generate a token to be used by my ASP .NET MVC applications?

I don't know much about the Security Token Service, it was set up by someone else who is no longer employed at my place of work and I cannot consult them unfortunately. Thanks in advance.

UPDATE: I am getting the following error now:

Parser Error Message: ID1024: The configuration property value is not valid.
Property name: 'certificateReference'
Error: 'ID1025: Cannot find a unique certificate that matches the criteria.
StoreName: 'CertificateAuthority'
StoreLocation: 'CurrentUser'
X509FindType: 'FindByThumbprint'
FindValue: '‎mythumbprint'

I installed my certificate and verified it is in Root\Certificates in the Trusted Root Certification Authority. Any ideas what the issue could be?

NOTE:

Thank you for your help, this should have been mentioned from the start but I am using .NET Framework 4.5 in Visual Studio 2013 so please answer with that in mind. The answers and comments so far may work for earlier versions of .NET and VS but don't seem to work in my case.

UPDATE:

I seem to have fixed at least part of my problem. It appears I am getting authenticated but the screen is blank. I am still working through this, but for anyone having similar issues, this helped me a lot. Upon further inspection I get a 500 Internal Server Error (after ADFS successfully authenticates me) but that error doesn't appear in the browser; I only see it in Firebug.

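A way to check the three things the ID1025 message depends on (the findValue string, the named store, and where the certificate really lives), as an added example that is not part of the original question. The script and its parameter names are assumptions, with defaults taken from the error text above; note that StoreName `CertificateAuthority` is the Intermediate Certification Authorities store, while Trusted Root Certification Authorities is StoreName `Root`.

```powershell
# Added diagnostic example, not part of the original question.
# Defaults mirror the StoreName/StoreLocation shown in the ID1025 error.
param(
    [Parameter(Mandatory = $true)][string]$FindValue,
    [System.Security.Cryptography.X509Certificates.StoreName]$StoreName = 'CertificateAuthority',
    [System.Security.Cryptography.X509Certificates.StoreLocation]$StoreLocation = 'CurrentUser'
)

# 1. Report every character that is not a hex digit. A thumbprint pasted
#    from the certificate dialog can carry spaces or an invisible U+200E.
$hidden = @($FindValue.ToCharArray() | Where-Object { "$_" -notmatch '^[0-9A-Fa-f]$' })
foreach ($c in $hidden) {
    Write-Warning ('findValue contains non-hex character U+{0:X4}' -f [int]$c)
}
$clean = ($FindValue -replace '[^0-9A-Fa-f]', '').ToUpperInvariant()
if ($clean.Length -ne 40) {
    Write-Warning "Cleaned value has $($clean.Length) hex digits; a SHA-1 thumbprint has 40."
}

# 2. Search the exact store the configuration names. The enum-typed
#    parameters select the X509Store(StoreName, StoreLocation) constructor,
#    so CertificateAuthority opens the store named "CA", not "Root".
$store = New-Object System.Security.Cryptography.X509Certificates.X509Store `
    -ArgumentList $StoreName, $StoreLocation
$store.Open([System.Security.Cryptography.X509Certificates.OpenFlags]::ReadOnly)
$storeLabel = $store.Name
$byThumb = [System.Security.Cryptography.X509Certificates.X509FindType]::FindByThumbprint
$hits = $store.Certificates.Find($byThumb, $clean, $false)   # $false: include untrusted/expired
$store.Close()
'{0}\{1}: {2} match(es) for {3}' -f $StoreLocation, $storeLabel, $hits.Count, $clean

# 3. List every store that actually holds the certificate, so the
#    storeName/storeLocation attributes can be corrected to match.
Get-ChildItem Cert:\ -Recurse -ErrorAction SilentlyContinue |
    Where-Object { $_.Thumbprint -eq $clean } |
    Select-Object @{ n = 'Store'; e = { $_.PSParentPath -replace '^.*::', '' } },
                  Subject, NotAfter
```

Run it as the account the web application runs under: `CurrentUser` stores are per-account, so a certificate installed in an administrator's profile is not visible to an application pool identity.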

Yes you can achieve single sign on between SharePoint and your ASP.Net MVC application.

Since your SharePoint is already set up with STS, you need to set up your MVC application for STS. You don't need to generate a token, the token is generated and returned to your MVC application by STS.

To configure your MVC for STS, you will need Windows Identity Framework. Next configure your MVC application to use Claim based Authentication, see http://msdn.microsoft.com/en-us/library/hh291061(v=vs.110).aspx

Also if you are using ADFS for your SharePoint, have a read on ADFS Federation

    
thank you for your response, I will try this out!! – mgrenier Jan 16 '15 at 13:04
    
I found the federation metadata, but get this error now. My new problem is: when I put the path with https:// it works in my browser but I get an error in my app complaining about the ":" saying it should be a relative path. If I remove the https:// it gives me a file not found error (both in a browser and in my app). I must be doing something wrong here but I am not sure what??? – mgrenier Jan 16 '15 at 19:25
    
Not sure how you are doing it. I find it easier to create a blank asp.net application, and then let FedUtil create the config for you, see this one msdn.microsoft.com/en-au/library/ee517285.aspx, refer to part 2. Register an existing production STS – john Jan 18 '15 at 21:36
    
I am using VS 2013 and .NET 4.5. I don't see the option to "create a claims aware ASP .NET website" nor do I have the "Add STS Reference" option. – mgrenier Jan 19 '15 at 13:58
    
I figured out the claims aware issue, got the SDK installed. Still no STS reference though. – mgrenier Jan 19 '15 at 15:16

It seems my blank page issue is a result of the combination of claims based authentication and remaining forms based authentication code being mixed together in my application. I have decided to create a simple federated MVC application (which I am able to get working) then slowly transfer the code from my existing app into the simple app and see where it breaks. My suggestion for anyone trying to accomplish something similar is not to try and simply change authentication methods like I was trying to do but to get the desired authentication working in a new simple application and port your existing application into the new one. It is a longer and more painstaking way of doing it, but in my case it would have been quicker if I just started that way. If I come up with any new and useful information I will update this answer.

Thanks to all who offered their assistance with this, it did help me arrive to where I am now!
