I have some applications which were written in ASP.NET Web Form standard without using dependency injection (.NET version 2, 3.x, 4.x).
We have used Membership Provider with MS-SQL server back-end for authentication.
Recently, we have decided to upgrade the authentication section to improve the security.
Based on our study, we may have 2 major issues:
We want to install a new SSO server using IdentityServer4 supporting the old database (or migrate the old data to new data model) and add some startup codes for the applications (and of course removing the current Membership Provider).
Is there any path way to migrate the data and the applications to use IdentityServer4 with the same custom MS-SQL server repository?
Is there any better approach for this problem?
You can use your own DB context for Identity Server. In the Startup.cs
:
services.AddDbContext<YourDBContext>(options => options.UseSqlServer(<connection_string>));
But you will have to extend it to support also Clients, ApiResources, PersistedGrants.
Regarding the WebForms application - you can use IdentityServer3.AccessTokenValidation
and IdenitityModel
libraries (Identity model should be < v2.0) - they work perfectly well with IdentityServer 4. No need of dependency injection, just an Owin startup class.
In this case, I guess you won't need to migrate your data