How to use Owin Authentication in development (MVC)

Learn the basics of Owin Authentication, its highlights, keys & components and how to use it in MVC by development experts. This post is intended for programmers who wish to use Owin Authentication in MVC, but lacking in guidance. This article will guide them and explain the Owin Authentication in apt way.

1) A new security design for MVC,Owin Authentication middleware,is recommended for higher security.The security features can be shared by other components which are hosted on OWIN.
2) OWIN provides the underlying set of components to applications to enable, then to be flexible,portable,and lightweight. A better performance and optimization with applications is an added advantage.
3) It (OWIN) can also secure apps hosted on IIS, including MVC as well as Web API and Web Forms.

OWIN extends its support as:

Highlights of OWIN:
OWIN specification is a solution to the problems such as:

OWIN is a standard interface between .Net web servers and applications. The goal of OWIN is to decouple server and application depicted below:

/ *** [Request/ Response ->webserver (IIS) ->request/response ->OWIN ->request/response -> web framework (] ***/ OWIN Keys & Component:
1) Environment – A dictionarywhich is passed to the application from the server to request and response. The application can workdirectly with this dictionary instead of the communication with the server. This helps to create the decoupled OWIN architecture.

2)Generic function – A delegate that is used as the parameter to the environment and also returns . We can connect or use different middleware and their components using this function.

Use of such basic keys shown below:

owin.RequestBody (this is a request body) owin.RequestHeaders( this is a Dictionary <string, string[]> which is used for request header) owin.RequestMethod (this is again a kind of string containing the HTTP method of request like (GET POST) etc.) owin.RequestPath (used for path request) owin.RequestPathBase (Request path that corresponds to the root of app) owin.RequestProtocol (RRequest used for protocol and versions basically) How to create or add OWIN form Authentication from scratch:
1) Create an empty project in MVC, add the folders accordingly by naming as ABC and xyz or anything.
2) Add some important packages related to Owin authentication in the main package is :

And also can use such other packages named as:

Microsoft.Owin.Host.SystemWeb Microsoft.AspNet.Identity.Core Microsoft.Owin.Security.Cookies One more that usually add is of MVC addition i.e Microsoft.AspNet.mvc In the above packages, the first three packages are related directly with Microsoft implementation of OWIN and the “Microsoft.Owin.Security.Cookies” is related to the security and identity point of view.

Note: these packages get install through this: in visual studio go
Tools -> now get package manager -> package manager console
And write this
Install-Package (here the name of the package)

3) To install the packages , add the new item in the project solution,known as “OWIN startup class”.
4) At last configure OWIN in MVC,add essential code -

Add in config file class andname the file“AuthConfig.cs” , add the code : /** Public class AuthConfig { Public void Configuration(IAppBuilder objApp) { System.Web.Helpers.AntiForgeryConfig.UniqueClaimTypeIdentifier = ClaimType.Email; objApp.UseCookieAuthentication(new CookieAuthenticationOptions { AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie, LoginPath = new PathString(“/ControllerName/ActionName”), CookieSecure = CookieSecureOption.SameAsRequest }); } } **/ 5) Come to the related controller action code ,for example, name of the action is login so the code can write as :

/** Private void login(List<Claim> objclaim) //, where the claim in the list is System.Security.Claims that add as namespace for this particular ,this is for security purpose claim { Var ObjclaimsIdentity = new DemoIdentity(objclaim, DefaultAuthenticationTypes.ApplicationCookie); // now have to write main OWIN Authentication part AuthenticationManager.SignOut(DefaultAuthenticationTypes.ExternalCookie); AuthenticationManager.login(new AuthenticationProperties() {IsPersistent = true}, ObjclaimsIdentity); HttpContext.User = new DemoPrincipal (AuthenticationManager.AuthenticationResponseGrant.Principal); } **/ Note : To authorize and authenticate your actions in MVC , you must add the attribute on top of action that is –

Just in case any thing is unclear or if you have any doubt, ask development experts straight away. They will respond to your query and explain the terms in the way you understand. For more updates related to Owin authentication, subscribe the official blog.


Client Testimonials

  • Fabio Durso

    We found a reliable and efficient partner in NexSoftSys, ready to support our strategy of offshore software development. NexSoftSys has particularly impressed by the speed of response to any request for the development of software applications and for their maintenance.

  • Filipe

    We did hire full time Java developers from NexSoftSys, to help us to improve a time to market of a product. The software platform is based on Java & Extjs, and they are delivering the software on time and with success. We strongly recommend NexSoftSys as Reliable Development partner.

  • Steve

    Powerful solutions are given by NexSoftSys dedicated developers for my projects. They suggest solutions as per current market trend. Other than this, the team is always ready for any type of changes or update. That is the main reason that I would like to give my next project to them.

Copyright © 2016 - NexSoftSys All rights reserved