How do I setup On-Premises Authority Authentication in MVC 5?

Solution 1

I am new to this myself, and may be mistaken in many respects, but my understanding of the 'Organizational Accounts' / 'On-Premises Authority' option for MVC apps is that it applies when you've set up Active Directory Federation Services / Windows Identity Foundation.

The primary motivator for doing that would be if you want to allow single sign on to cloud based apps based on your internal AD, or allow certain types of SharePoint SSO integrations with custom code. If you're not looking to do a cloud service + internal services seamless blending of authentication, then just choosing 'Windows Authentication' would be the far easier way to proceed.

If you do want to proceed with the WIF / ADFS approach, then the following might help:

• Single sign-on roadmap
• Checklist: Use AD FS to implement and manage single sign-on
• Verify and manage single sign-on with AD FS

Hope I'm not leading you on a wild duck chase with this info, but for the moment, that appears to me to be the most applicable information I could find.

Solution 2

Trying to simplify user2994340's answer: https://docs.microsoft.com/en-us/aspnet/visual-studio/overview/2013/creating-web-projects-in-visual-studio#orgauthonprem

If you have setup a Windows Server Active Directory but you haven't setup AD Federation Services, and you are not planning to do so, best option is to use "Windows Authentication" option.

Trying to not go beyond my knowledge, as I'm not an expert in this matter, I think the main benefits of using ADFS is having an extranet application providing a single sign-on process authenticating against your AD. I think in following link that's pretty good explained: https://en.wikipedia.org/wiki/Active_Directory_Federation_Services.

Answering to what the Metadata document is: is a XML document published by your ADFS to allow an application to discover all of the relevant info about your ADFS (addresses, signing keys, identifiers, etc) and derive the project’s configuration from it. You can check more information in the following link: https://blogs.msdn.microsoft.com/card/2010/06/24/using-federation-metadata-to-establish-a-relying-party-trust-in-ad-fs-2-0/

Related videos on Youtube

29 : 56

17.Authentication & Authorize with IdentityFramework in Asp.Net MVC5 |Tech Learn With Saleh Sayeem

Tech Learn With Saleh Sayeem

384

07 : 15

Part 70 Authorize and AllowAnonymous action filters in mvc

kudvenkat

183

53 : 46

ASP.NET Core 5.0 - Authentication/Authorization - .Net Engineering Forum 2021-01-26

Tony Spencer

102

24 : 55

15 How to do Authentication, Authorisation in ASP.NET MVC

mahesh panhale

88

11 : 05

(#53) Authentication and Authorization in mvc | mvc tutorial for beginners in .net c#

WebGentle

48

45 : 56

Part 3. ASP.NET Authentication and Authorization | Identity: External Login Provider

why zero one

2

42 : 43

Authentication & Authorization in ASP.NET MVC | ASP.NET MVC | DotNET Sessions

DOT NET Academy

2

Author by

Refracted Paladin

My Philosophy

Updated on June 15, 2022