SingleSignOn
Hans Karlsen (talk | contribs) No edit summary |
(Automatically adding template at the end of the page.) |
||
| (8 intermediate revisions by 3 users not shown) | |||
| Line 1: | Line 1: | ||
When running Turnkey in Intraweb scenarios you will want to use SSO or single sign on for your authenticated users. | When running Turnkey in Intraweb scenarios, you will want to use SSO or single sign-on for your authenticated users. | ||
In IIS do this: | In IIS, do this: | ||
*AppPool - Managed Pipeline set to Integrated mode | *AppPool - Managed Pipeline set to Integrated mode | ||
*Authentication - Disabled: Anonymous Authentication | *Authentication - Disabled: Anonymous Authentication | ||
*Authentication - Disabled: ASP.NET Impersonation | *Authentication - Disabled: ASP.NET Impersonation | ||
*Authentication - Enabled: Windows Authentication | *Authentication - Enabled: Windows Authentication | ||
In the MDriven Turnkey web config do this | <s>In the MDriven Turnkey web config, do this: '''THIS IS OLD'''</s> | ||
<appSettings> | <appSettings> | ||
... | ... | ||
<add key="owin:AutomaticAppStartup" value="false"/> <-- Add this to stop the turnkey standard OWin | <add key="owin:AutomaticAppStartup" value="false"/> <-- Add this to stop the turnkey standard OWin | ||
</appSettings> | </appSettings> | ||
Instead of the above (that not only shutsdown owin but also signalR) you add this setting to TurnkeySettings.xml: | |||
<TurnOffOWINButKeepSignalR>true</TurnOffOWINButKeepSignalR> | |||
This is still good: | |||
<system.web> | <system.web> | ||
| Line 22: | Line 25: | ||
</authorization> | </authorization> | ||
</system.web> | </system.web> | ||
'''Tip:''' Consider adding the modified Web.config.Something to _AssetsTK. This way, it will be available in the Turnkey catalog if it is replaced by Turnkey re-deploy. | |||
[[Category:MDriven Turnkey]] | |||
{{Edited|July|12|2024}} | |||
Latest revision as of 15:46, 10 February 2024
When running Turnkey in Intraweb scenarios, you will want to use SSO or single sign-on for your authenticated users.
In IIS, do this:
- AppPool - Managed Pipeline set to Integrated mode
- Authentication - Disabled: Anonymous Authentication
- Authentication - Disabled: ASP.NET Impersonation
- Authentication - Enabled: Windows Authentication
In the MDriven Turnkey web config, do this: THIS IS OLD
<appSettings> ... <add key="owin:AutomaticAppStartup" value="false"/> <-- Add this to stop the turnkey standard OWin </appSettings>
Instead of the above (that not only shutsdown owin but also signalR) you add this setting to TurnkeySettings.xml:
<TurnOffOWINButKeepSignalR>true</TurnOffOWINButKeepSignalR>
This is still good:
<system.web>
<authentication mode="None" /> <--- remove this line
<authentication mode="Windows" /> <-- Add this and the lines below
<authorization>
<deny users="?"/>
</authorization>
</system.web>
Tip: Consider adding the modified Web.config.Something to _AssetsTK. This way, it will be available in the Turnkey catalog if it is replaced by Turnkey re-deploy.
This page was edited more than 11 months ago on 02/10/2024. What links here