search

IdentityServer / IdentityServer2

[deprecated] Thinktecture IdentityServer is a light-weight security token service built with .NET 4.5, MVC 4, Web API and WCF.
Other
410 stars 291 forks source link

Questions on integrating with MicroStrategy #865

Open ghost opened 8 years ago

ghost commented 8 years ago

Hello,

I am working on implementing a SSO of my RP application (which uses IdentityServer2 as STS) with MicroStrategy (MSTR) web. MSTR web team has to create a custom module to implement SSO from my application. I have to pass the claims token (provided by STS on login) from my client RP application to the MSTR web. And the MSTR web's custom module has to read this token and again validate this token against the STS and then authenticate the user to use the MSTR web portal. Could you please advise on how this can be implemented?

Thanks.

brockallen commented 8 years ago

I'm not sure what MicroStrategy is. It sounds like a web framework you're using in your RP. You'd need to check with them if they support WS-Federation as a SSO protocol. You can look at Microsoft's Katana WS-Federation middleware as a sample. Beyond that I don't have much else to suggest.

ghost commented 8 years ago

Microstrategy is a BI product solution. They have 2 major components in that product. First one is the web portal through which users can login using username/password and access reports. These reports are pulled from their intelligence server (which is the second component and has the data). .

Our requirement is to develop a .net MVC application which will use the Identity server to login the users. We already have an existing RP application which uses the same STS for logging in users. We are going to add this new RP. This new application should be able to access the microstrategy web portal and perform a SSO. Now Microstrategy web portal has a customization option to read the security token, map the credentials against their user mappings and SSO the user to the web portal.

Microstrategy web portal needs the claim token to be included in the redirect URL so that their custom component can read it.

But my question is how can the MicroStrategy Web portal verify and validate the information (tokens) passed by our RP? Is there a WEB API that can be exposed from our STS?

brockallen commented 8 years ago

Ideally Microstrategy would just implement the RP side of the WS-Fed protocol. This would make the most sense if you or they need to do any custom work to get this SSO behavior you want.