Integrate Azure ADFS into an existing ASP.NET Web Forms application

This tutorial explains how to integrate Azure ADFS into an existing ASP.NET Web Forms application. All you need is an Azure account.

Most organisations already have Azure Active Directory integration in place, so log in to https://portal.azure.com with your organisational email.

Create an empty web application in Visual Studio 2015, then install the NuGet packages listed below:

Install-package Microsoft.Owin
Install-package Microsoft.Owin.Host.SystemWeb
Install-package Microsoft.Owin.Security
Install-package Microsoft.Owin.Security.Cookies
Install-package Microsoft.Owin.Security.WsFederation

Add an OWIN Startup class file to your project and name it “Startup.cs”.

Open the class file and add the following items mentioned below:

Namespaces:

using System;
using System.Configuration;
using System.Threading.Tasks;
using Microsoft.Owin;
using Microsoft.Owin.Extensions;
using Microsoft.Owin.Security;
using Microsoft.Owin.Security.Cookies;
using Microsoft.Owin.Security.WsFederation;
using Owin;

Define the following strings to hold the realm and the ADFS metadata address.

private static string realm = ConfigurationManager.AppSettings["ida:Wtrealm"];
private static string adfsMetadata = ConfigurationManager.AppSettings["ida:ADFSMetadata"];

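Add the following code inside the Configuration function.

// Store the identity issued by ADFS in a cookie, and make that the default sign-in type.
app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);
app.UseCookieAuthentication(new CookieAuthenticationOptions());
// Handle sign-in against ADFS using WS-Federation.
app.UseWsFederationAuthentication(
    new WsFederationAuthenticationOptions
    {
        Wtrealm = realm,
        MetadataAddress = adfsMetadata
    });

// Run the middleware above during the Authenticate stage of the ASP.NET pipeline.
app.UseStageMarker(PipelineStage.Authenticate);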



A few items to configure in your web.config file:

<add key="ida:ADFSMetadata" value="https://adfs.yourorgdomain.com/FederationMetadata/2007-06/FederationMetadata.xml" />
<add key="ida:Wtrealm" value="https://domain.azurewebsites.net" />

ADFSMetadata: the link to your organisation's federation metadata.
Wtrealm: the link to your Azure Web App.
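
The pieces above assembled into one Startup.cs, as an added example that is not part of the original tutorial: it rejects a missing or non-HTTPS realm or metadata URL at startup (the middleware takes the token-signing keys from that metadata document) and sets the session cookie options explicitly. The namespace AdfsDemo, the helper RequireHttps, the one-hour cookie lifetime and the requirement that the realm is an https URL (as in the sample value above) are assumptions.

```csharp
using System;
using System.Configuration;
using Microsoft.Owin;
using Microsoft.Owin.Extensions;
using Microsoft.Owin.Security.Cookies;
using Microsoft.Owin.Security.WsFederation;
using Owin;

[assembly: OwinStartup(typeof(AdfsDemo.Startup))]

namespace AdfsDemo // hypothetical namespace; use your project's own
{
    public class Startup
    {
        // Hypothetical helper: fail at startup rather than run with a missing or
        // plain-HTTP setting. Signing keys come from the metadata URL, so it must use TLS.
        private static string RequireHttps(string key)
        {
            string value = ConfigurationManager.AppSettings[key];
            Uri uri;
            if (string.IsNullOrWhiteSpace(value) ||
                !Uri.TryCreate(value, UriKind.Absolute, out uri) ||
                uri.Scheme != Uri.UriSchemeHttps)
                throw new ConfigurationErrorsException(
                    "appSettings key '" + key + "' must be an absolute https:// URL.");
            return value;
        }

        public void Configuration(IAppBuilder app)
        {
            string realm = RequireHttps("ida:Wtrealm");
            string adfsMetadata = RequireHttps("ida:ADFSMetadata");
            app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);
            app.UseCookieAuthentication(new CookieAuthenticationOptions
            {
                CookieSecure = CookieSecureOption.Always, // never send the session cookie over HTTP
                CookieHttpOnly = true,                    // keep the cookie out of reach of page script
                ExpireTimeSpan = TimeSpan.FromHours(1),   // assumed lifetime; set per your policy
                SlidingExpiration = false                 // session ends at the fixed lifetime
            });
            app.UseWsFederationAuthentication(new WsFederationAuthenticationOptions
            {
                Wtrealm = realm,
                MetadataAddress = adfsMetadata
            });
            app.UseStageMarker(PipelineStage.Authenticate);
        }
    }
}
```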

Set up an authorization rule for the federation metadata.

<location path="FederationMetadata">
  <system.web>
    <authorization>
      <allow users="*" />
    </authorization>
  </system.web>
</location>
<system.webServer>
  <modules>
    <remove name="FormsAuthentication" />
  </modules>
</system.webServer>

Build and publish the web app to Azure. Opening it will take you to the Azure login page; log in with your organisational email ID, which validates the user and redirects to the website mentioned above.