SingleSignOn
This page was created by Hans.karlsen on 2017-03-31. Last edited by Edgar on 2025-01-20.
When running Turnkey in Intraweb scenarios, you will want to use SSO or single sign-on for your authenticated users.
In IIS, do this:
- AppPool - Managed Pipeline set to Integrated mode
- Authentication - Disabled: Anonymous Authentication
- Authentication - Disabled: ASP.NET Impersonation
- Authentication - Enabled: Windows Authentication
In the MDriven Turnkey web config, do this: THIS IS OLD
<appSettings> ... <add key="owin:AutomaticAppStartup" value="false"/> <-- Add this to stop the turnkey standard OWin </appSettings>
Instead of the above (that not only shutsdown owin, but also signalR), add this setting to TurnkeySettings.xml:
<TurnOffOWINButKeepSignalR>true</TurnOffOWINButKeepSignalR>
This is still good:
<system.web>
<authentication mode="None" /> <--- remove this line
<authentication mode="Windows" /> <-- Add this and the lines below
<authorization>
<deny users="?"/>
</authorization>
</system.web>
Tip: Consider adding the modified Web.config.Something to _AssetsTK. This way, it will be available in the Turnkey catalog if it is replaced by Turnkey re-deploy.