10

In SharePoint 2010 and earlier, it seems it was possible to share the authentication token with other ASP.Net applications using forms authentication and the ASPXAuth cookie.

I have a SharePoint 2013 Web Application using Forms Authentication and SQL Membership Provider. I also have an ASP.Net MVC Web Api application using the same SQL Membership provider for authentication.

With SharePoint 2013 now using claims authentication and the FEDAuth cookie, is it possible to share authentication? I wish to call into the web service using JQuery Ajax calls passing the credentials (FEDAuth cookie) with the XHR and have it authenticate without prompting the user for credentials.

Both SharePoint and the web service are hosted on the same domain, although if possible I'd like to have the web service on a subdomain of the SharePoint domain.

Improve this question
1
  • With claims authentication, it is possible to enable single-sign on between SharePoint and other applications. This is not easy tough. Commented Dec 17, 2014 at 19:21

1 Answer 1

Reset to default
2

FEDAuth cookie is essentially just a pointer. It tells SharePoint how to validate your credentials from the secure store service. It's probably much more trouble than it's worth to try and re-use that scheme as is.

You could use ADFS or write a simple custom STS that can give you a custom token that both your service and SharePoint can accept. If you search MSDN you will find quite a few references on building a custom STS. One example is here: http://msdn.microsoft.com/en-us/library/ee804740.aspx

Improve this answer
1
  • Thanks for your response. I have since configured SharePoint to use ThinkTecture Identity Server however I am getting issues when sharing the token between SharePoint and the Web Service: link Commented May 19, 2014 at 8:29

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.