Skip to main content
Skip table of contents

Authentication with IIS Module

This document explains how to implement Authentication with IIS Module.

⬇️ Download the latest IIS Module.

1- Configure your Application on IIS

Copy the IIS Module “dll” files under your application “bin” folder.

IIS Module files

2- Configure your Application on IIS

For applications running on Internet Information Services, there are two types of application pool options, Integrated and Classic Mode

If the application uses Integrated App Pool;

The web.config file should have these configurations.

XML
<system.webServer>
 <modules>
 <add name="MonoSignAuthenticationModule" type="MonoSign.IISModule.MonoSignAuthenticationModule, MonoSign.IISModule" />
 </modules>

If the application uses Classic App Pool;

The web.config file should have these configurations.

XML
<system.web>
 <httpModules>
 <add name="MonoSignAuthenticationModule" type="MonoSign.IISModule.MonoSignAuthenticationModule, MonoSign.IISModule" />
 </httpModules>

Find the application pool of your application

Get the application pool type under “Managed Pipeline Mode” column

3- Configure your Application configuration files “keys” section

XML
  <add key="MONOSIGN_TOKEN_QUERYSTRING_NAME" value="ticket" />
  <add key="MONOSIGN_LOGIN_URL" value="{Login-Url-To-Redirect}?returnUrl={0}" />
  <add key="MONOSIGN_TOKEN_CHECK_URL" value="{Your-Ticket-Service-Url-Here}?service={0}&amp;ticket={1}&amp;clientIP={2}&amp;renew=true" />
  <add key="MONOSIGN_TOKEN_CHECK_RESPONSE_TYPE" value="XML" />
  <add key="MONOSIGN_SERVICE_NAME" value="{Your-Application-Name}" />
  <add key="MONOSIGN_TOKEN_CHECK_USERNAME_PATH" value="response.userName" />
  <add key="MONOSYNC_URL" value="{Your-MonoSync-Url-Here}api/v1/objects/Object-Name/search" />
  <add key="MONOSYNC_API_KEY" value="{MonoSync-Api-Key-Here}" />
  <add key="MONOSYNC_SOURCE_USERNAME_FIELD" value="SourceUserName" />
  <add key="MONOSYNC_APPLICATION_NAME_FIELD" value="ApplicationName" />
  <add key="MONOSYNC_TARGET_USERNAME_FIELD" value="TargetUserName" />
  <add key="MONOSIGN_AUTH_COOKIE_NAME" value="integratedApp" />

MONOSIGN_TOKEN_QUERYSTRING_NAME => The query string name which the token / ticket will be written to by the identity provider.

MONOSIGN_LOGIN_URL => The login url to redirect in case of an unauthenticated request comes in.

MONOSIGN_TOKEN_CHECK_URL => The service address for token / ticket to validate and control.

MONOSIGN_TOKEN_CHECK_RESPONSE_TYPE => The response type of the token check service. (XML or JSON)

MONOSIGN_TOKEN_CHECK_USERNAME_PATH => The path of the username in the response of token check service (ex: response.userName)

MONOSIGN_SERVICE_NAME => The service / application name to provide the target identity provider with the ticket and token.

MONOSIGN_AUTH_COOKIE_NAME => The prefix of the authentication cookie name to differentiate multiple IIS applications. (Optional)

if your target application requires username manipulation;

The source userName and the target userName should presen in the MonoSync platform. In this case these configurations should be setted.

MONOSYNC_URL => The full search url of the userName mapping object of your MonoSync installation.

MONOSYNC_API_KEY => The api key to communicate with MonoSync API services.

MONOSYNC_SOURCE_USERNAME_FIELD => The field name where the source userName is saved on the object.

MONOSYNC_TARGET_USERNAME_FIELD => The target userName field which is mapped with the source userName.

For troubleshooting, the application log files and Windows Event Viewer logs should be followed.

Check the dotnet version on the target application if any dotnet framework issues.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.