Authentication with IIS Module
This document explains how to implement Authentication with IIS Module.
⬇️ Download the latest IIS Module.
1- Configure your Application on IIS
Copy the IIS Module “dll” files under your application “bin” folder.
2- Configure your Application on IIS
For applications running on Internet Information Services, there are two types of application pool options, Integrated and Classic Mode
If the application uses Integrated App Pool;
The web.config file should have these configurations.
<system.webServer>
<modules>
<add name="MonoSignAuthenticationModule" type="MonoSign.IISModule.MonoSignAuthenticationModule, MonoSign.IISModule" />
</modules>
If the application uses Classic App Pool;
The web.config file should have these configurations.
<system.web>
<httpModules>
<add name="MonoSignAuthenticationModule" type="MonoSign.IISModule.MonoSignAuthenticationModule, MonoSign.IISModule" />
</httpModules>
3- Configure your Application configuration files “keys” section
<add key="MONOSIGN_TOKEN_QUERYSTRING_NAME" value="ticket" />
<add key="MONOSIGN_LOGIN_URL" value="{Login-Url-To-Redirect}?returnUrl={0}" />
<add key="MONOSIGN_TOKEN_CHECK_URL" value="{Your-Ticket-Service-Url-Here}?service={0}&ticket={1}&clientIP={2}&renew=true" />
<add key="MONOSIGN_TOKEN_CHECK_RESPONSE_TYPE" value="XML" />
<add key="MONOSIGN_SERVICE_NAME" value="{Your-Application-Name}" />
<add key="MONOSIGN_TOKEN_CHECK_USERNAME_PATH" value="response.userName" />
<add key="MONOSYNC_URL" value="{Your-MonoSync-Url-Here}api/v1/objects/Object-Name/search" />
<add key="MONOSYNC_API_KEY" value="{MonoSync-Api-Key-Here}" />
<add key="MONOSYNC_SOURCE_USERNAME_FIELD" value="SourceUserName" />
<add key="MONOSYNC_APPLICATION_NAME_FIELD" value="ApplicationName" />
<add key="MONOSYNC_TARGET_USERNAME_FIELD" value="TargetUserName" />
<add key="MONOSIGN_AUTH_COOKIE_NAME" value="integratedApp" />
MONOSIGN_TOKEN_QUERYSTRING_NAME
=> The query string name which the token / ticket will be written to by the identity provider.
MONOSIGN_LOGIN_URL
=> The login url to redirect in case of an unauthenticated request comes in.
MONOSIGN_TOKEN_CHECK_URL
=> The service address for token / ticket to validate and control.
MONOSIGN_TOKEN_CHECK_RESPONSE_TYPE
=> The response type of the token check service. (XML or JSON)
MONOSIGN_TOKEN_CHECK_USERNAME_PATH
=> The path of the username in the response of token check service (ex: response.userName)
MONOSIGN_SERVICE_NAME
=> The service / application name to provide the target identity provider with the ticket and token.
MONOSIGN_AUTH_COOKIE_NAME
=> The prefix of the authentication cookie name to differentiate multiple IIS applications. (Optional)
if your target application requires username manipulation;
The source userName and the target userName should presen in the MonoSync platform. In this case these configurations should be setted.
MONOSYNC_URL
=> The full search url of the userName mapping object of your MonoSync installation.
MONOSYNC_API_KEY
=> The api key to communicate with MonoSync API services.
MONOSYNC_SOURCE_USERNAME_FIELD
=> The field name where the source userName is saved on the object.
MONOSYNC_TARGET_USERNAME_FIELD
=> The target userName field which is mapped with the source userName.
For troubleshooting, the application log files and Windows Event Viewer logs should be followed.
Check the dotnet version on the target application if any dotnet framework issues.