I am having difficulty integrating an existing ASP.NET application and Sitefinity with regards to Single Sign On.
When a user authenticates with an existing ASP.NET website authenticate them with Sitefinity and allow them to navigate both sites seamlessly.
Both website have the following in common:
Windows Server 2008 R2
The ASP.NET website is running on .NET version 4.5.1. It currently uses Forms Authentication to authenticate users. In order for a user to access the website they are presented with a username and password form and must submit the form with the correct credentials. Once the form is submitted the credentials are validated by comparing against values stored in a database. If the credentials match then the user is authenticated and this information is stored in the Session. The user can then navigate freely around the website without having to authenticate as long as their Session is active.
The Sitefinity version is 8.0 and is currently configured to use Claims Authentication. For the most part the application has not been configured.
How far have I gotten?
I've done a fair amount of research and made 2-3 attempts to solve this problem on my own with mixed results. I have tried to login using the RESTful service. I have tried creating a form on Sitefinity. I have tried creating an MVC widget. The only thing I have not tried is to create an STS. I have researched STS solutions, but I cannot figure out how to setup the STS and create a request to use it. I'm not even sure if it applies to what I am doing. I was going to try and setup my ASP.NET application to be the STS Issuer based on the link below, but I could not determine how to configure it and I'm not sure what WIF is.
Used RESTFul services to authenticate - this is a failed attempt that I made which I thought for sure would work
I essentially followed this implementation:
I downloaded the RESTful Sitefinity Client.
Then I created an MVC widget with Thunder and added code in my Controller using the ClaimsAuthenticationHelper class to execute the SignIn method. The method appears to executes without an exception but when I navigate to the Sitefinity back end I am presented with the login page. I did not authenticate. For the most part this seemed to work, I think what might be missing is that when I redirect to the back end somehow the cookie is not being sent with the request. So therefore, I seem to authenticate, but I am not sending future requests with the cookie or token. This is where clarity ceases for me.
So after all this I am trying to fulfill the simple requirement stated above and I cannot seem to find a workable solution. It seems relatively simple. Sign into website A (non-Sitefinity) and simultaneously sign into Sitefinity. Of course, I have the ability to make sure that the "login user" is active in both systems.
Also, I was able to create a CustomMembershipProvider by following the steps in this tutorial.
I created a new database, added a model, created the provider class, etc, but then I got more errors when logging in and creating new users. I learned a lot, but I do not have a working solution.
I have an existing website, all I want to do it log into my website and configure it to log me into Sitefinity as well. I can't belive how hard this has been for me.