Hello there. I've designed a Single Sign On authorization framework that I need developed in .NET C# as soon as possible.
The SSO SAFE Project (Single Sign On Solution -- Site Authorization Framework External) - Is a framework designed to enable internally authenticated AD users to access an intranet website via browser, select an external application link and be directed to that web application url along with a security token.
External third-party web applications will then authenticate the user's token out of band by communicating with a web service accessible only to public servers pre-whitelisted on the firewall.
Here are the framework components required :
1) SSO SAFE Admin -- .NET IIS Web App that limits access to users with a specific AD role membership as configured via the [url removed, login to view] that provides the ability to view, add and edit applications including the fields; application friendly name, application id, pass url, fail url, and token expiration time (in minutes.)
2) SSO SAFE Auth -- .NET IIS Web application to be hosted on an internal intranet server. The app will accept an application id string via post or query string and authenticate the user against Active Directory if they are not already authenticated.
Once the user is authenticated the application will then check for the existence of the application id passed. If it does not exist a configurable error message will be displayed, otherwise the application will then query the user's Active Directory profile for all roles that the user is a member of that are prefixed with the passed application id string and insert the application id and roles along with the user's username, first name, last name, email address, and expiration date/time encrypted in encrypted format into a MS SQL table indexed to an auto-generated record ID GUID authentication token. The expiration time/date is to be calculated by adding the application expiration time in minutes as defined for the application to the current server date/time.
The user is then be redirected to an external URL posting the record ID GUID authentication token as defined per the application.
3) SSO SAFE Auth Web Service -- .NET IIS REST Web service accessible only via https by external IPs whitelisted on the firewall, this service will authenticate a passed authentication user token by looking the token up in the database.
If the token does not exist or is expired a fail will be passed, along with the fail reason and the application's fail URL to redirect the user to. The text of the fail reasons should be configurable and stored in the [url removed, login to view] or other file.
Otherwise the service will respond with the user's information : application id, username, first name, last name, email, application role memberships and token expiration date/time.
4) SSO .NET Clean Up Scheduled Task -- A simple scheduled task to purge expired tokens from the MS SQL database table.
20 freelancers are bidding on average $634 for this job
============ Hi, I am following up and looking forward to have a reply in regards to my last message. Also did you see my 90+ reviews and 100+ projects won in our profile because on the project page [url removed, login to view] Daha fazlası
Dear Recruiting Manager, The functionality required by you is similar like OAuth 2.0 authentication. I am familiar with it and I can complete the desire project.