Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Migration] Support sharing auth state with "backend" System.Web app #40083

Closed
pranavkm opened this issue Feb 9, 2022 · 4 comments
Closed

[Migration] Support sharing auth state with "backend" System.Web app #40083

pranavkm opened this issue Feb 9, 2022 · 4 comments
Assignees
@Tratcher
Labels
area-auth Includes: Authn, Authz, OAuth, OIDC, Bearer
Milestone
.NET 7 Planning

Comments

@pranavkm
Copy link
Contributor

pranavkm commented Feb 9, 2022

As part of #40078, we'll need to determine a way to share auth state between the front end .NET Core, and backend System.Web app. Prelimnary work here is to determine the list of authorization providers (cookie, token etc) that we need to support based on how frequently they appear in user apps.
@pranavkm pranavkm mentioned this issue Feb 9, 2022
Closed
5 tasks
@mkArtakMSFT mkArtakMSFT added area-runtime area-auth Includes: Authn, Authz, OAuth, OIDC, Bearer and removed area-runtime labels Feb 9, 2022
@Tratcher
Copy link
Member

Tratcher commented Feb 9, 2022
edited
Loading

Possible kinds of auth (not necessarily the ones people need):

  • JWT/Bearer/Basic/Digest/API - Easy, implement in both apps separately.
  • Cookie/Forms/Owin - Requires shared formats and encryption
  • Identity - Depends on cookie auth, requires a shared database
  • OAuth, OpenIdConnect, AzureAd, B2C - Depends on Cookie Auth, and where you want to put the login page.
  • Windows/Negotiate/NTLM/Kerberos - Would need to be handled by the front end, doesn't proxy well. Could be converted to something else like JWT for the backend. We do something more complex for IIS out-of-proc, (duplicate handles) but I think that only works because IIS started the other process.

@Tratcher
Copy link
Member

So far I've seen reports from potential migration customers that are currently using:

  • JWT
  • OWIN Cookies & OpenIdConnect
  • B2C

@adityamandaleeka adityamandaleeka added this to the .NET 7 Planning milestone Feb 11, 2022
@ghost
Copy link

ghost commented Feb 11, 2022

Thanks for contacting us.

We're moving this issue to the .NET 7 Planning milestone for future evaluation / consideration. We would like to keep this around to collect more feedback, which can help us with prioritizing this work. We will re-evaluate this issue, during our next planning meeting(s).
If we later determine, that the issue has no community involvement, or it's very rare and low-impact issue, we will close it - so that the team can focus on more important and high impact issues.
To learn more about what to expect next and how this issue will be handled you can read more about our triage process here.

@adityamandaleeka adityamandaleeka mentioned this issue Feb 11, 2022
Closed
1 task
@adityamandaleeka
Copy link
Member

Closing since this is done as part of https://devblogs.microsoft.com/dotnet/incremental-asp-net-migration-tooling-preview-2/

Further requests in this area can be filed over on https://github.com/dotnet/systemweb-adapters/

@ghost ghost locked as resolved and limited conversation to collaborators Jul 24, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@Tratcher Tratcher

Labels
area-auth Includes: Authn, Authz, OAuth, OIDC, Bearer
Projects
None yet
Milestone
.NET 7 Planning
Development

No branches or pull requests
4 participants
@pranavkm @adityamandaleeka @Tratcher @mkArtakMSFT