SingleSignOn
No edit summary |
(Updated Edited template to July 12, 2025.) |
||
| (6 intermediate revisions by 3 users not shown) | |||
| Line 1: | Line 1: | ||
<message>Write the content here to display this box</message> | |||
When running Turnkey in Intraweb scenarios, you will want to use SSO or single sign-on for your authenticated users. | When running Turnkey in Intraweb scenarios, you will want to use SSO or single sign-on for your authenticated users. | ||
| Line 7: | Line 8: | ||
*Authentication - Enabled: Windows Authentication | *Authentication - Enabled: Windows Authentication | ||
<s>In the MDriven Turnkey web config, do this: THIS IS OLD</s> | <s>In the MDriven Turnkey web config, do this: '''THIS IS OLD'''</s> | ||
<appSettings> | <appSettings> | ||
... | ... | ||
<add key="owin:AutomaticAppStartup" value="false"/> <-- Add this to stop the turnkey standard OWin | <add key="owin:AutomaticAppStartup" value="false"/> <-- Add this to stop the turnkey standard OWin | ||
</appSettings> | </appSettings> | ||
Instead of the above (that not only shutsdown owin but also signalR) | Instead of the above (that not only shutsdown owin, but also signalR), add this setting to TurnkeySettings.xml: | ||
<TurnOffOWINButKeepSignalR>true</TurnOffOWINButKeepSignalR> | <TurnOffOWINButKeepSignalR>true</TurnOffOWINButKeepSignalR> | ||
| Line 27: | Line 28: | ||
'''Tip:''' Consider adding the modified Web.config.Something to _AssetsTK. This way, it will be available in the Turnkey catalog if it is replaced by Turnkey re-deploy. | '''Tip:''' Consider adding the modified Web.config.Something to _AssetsTK. This way, it will be available in the Turnkey catalog if it is replaced by Turnkey re-deploy. | ||
[[Category:MDriven Turnkey]] | [[Category:MDriven Turnkey]] | ||
{{Edited|July|12|2025}} | |||
Latest revision as of 06:02, 20 January 2025
This page was created by Hans.karlsen@mdriven.net on 2017-03-31. Last edited by Edgar on 2025-01-20.
When running Turnkey in Intraweb scenarios, you will want to use SSO or single sign-on for your authenticated users.
In IIS, do this:
- AppPool - Managed Pipeline set to Integrated mode
- Authentication - Disabled: Anonymous Authentication
- Authentication - Disabled: ASP.NET Impersonation
- Authentication - Enabled: Windows Authentication
In the MDriven Turnkey web config, do this: THIS IS OLD
<appSettings> ... <add key="owin:AutomaticAppStartup" value="false"/> <-- Add this to stop the turnkey standard OWin </appSettings>
Instead of the above (that not only shutsdown owin, but also signalR), add this setting to TurnkeySettings.xml:
<TurnOffOWINButKeepSignalR>true</TurnOffOWINButKeepSignalR>
This is still good:
<system.web>
<authentication mode="None" /> <--- remove this line
<authentication mode="Windows" /> <-- Add this and the lines below
<authorization>
<deny users="?"/>
</authorization>
</system.web>
Tip: Consider adding the modified Web.config.Something to _AssetsTK. This way, it will be available in the Turnkey catalog if it is replaced by Turnkey re-deploy.