How do I setup On-Premises Authority Authentication in MVC 5?
Solution 1
I am new to this myself, and may be mistaken in many respects, but my understanding of the 'Organizational Accounts' / 'On-Premises Authority' option for MVC apps is that it applies when you've set up Active Directory Federation Services / Windows Identity Foundation.
The primary motivator for doing that would be if you want to allow single sign on to cloud based apps based on your internal AD, or allow certain types of SharePoint SSO integrations with custom code. If you're not looking to do a cloud service + internal services seamless blending of authentication, then just choosing 'Windows Authentication' would be the far easier way to proceed.
If you do want to proceed with the WIF / ADFS approach, then the following might help:
- Single sign-on roadmap
- Checklist: Use AD FS to implement and manage single sign-on
- Verify and manage single sign-on with AD FS
Hope I'm not leading you on a wild duck chase with this info, but for the moment, that appears to me to be the most applicable information I could find.
Solution 2
Trying to simplify user2994340's answer: https://docs.microsoft.com/en-us/aspnet/visual-studio/overview/2013/creating-web-projects-in-visual-studio#orgauthonprem
If you have setup a Windows Server Active Directory but you haven't setup AD Federation Services, and you are not planning to do so, best option is to use "Windows Authentication" option.
Trying to not go beyond my knowledge, as I'm not an expert in this matter, I think the main benefits of using ADFS is having an extranet application providing a single sign-on process authenticating against your AD. I think in following link that's pretty good explained: https://en.wikipedia.org/wiki/Active_Directory_Federation_Services.
Answering to what the Metadata document is: is a XML document published by your ADFS to allow an application to discover all of the relevant info about your ADFS (addresses, signing keys, identifiers, etc) and derive the project’s configuration from it. You can check more information in the following link: https://blogs.msdn.microsoft.com/card/2010/06/24/using-federation-metadata-to-establish-a-relying-party-trust-in-ad-fs-2-0/
Related videos on Youtube
Comments
-
Refracted Paladin almost 2 years
What is the Metadata document that is required for "On-Premises Authority Authentication" in MVC 5?
I am supposed to supply it's URL in order to setup Organizational Accounts Authentication in MVC 5 for On-Premises option but I am new to web development and have no idea what it's looking for here.
Any help here would be appreciated.
FYI: I am trying to use internal Active Directory.
-
Joe Stellato over 9 yearsA long time with no answer to this, did you ever find out how to locate the URL?
-
-
Ryan about 10 years> Hope I'm not leading you on a wild duck chase I believe the expression is "wild goose chase" my man.
-
Dylan Hayes almost 10 yearsa wild duck chase is even wilder than a wild goose chase!