Styjun

bash, check string on website

What is the purpose of this "red room" in "Stranger Things"?

Extrapolation v. Interpolation

The seven story archetypes. Are they truly all of them?

Short story where a flexible reality hardens to an unchanging one

Can GPL and BSD licensed applications be used for government work?

Where is this photo of a group of hikers taken? Is it really in the Ural?

What is an Eternal Word™?

Monty Hall Problem with a Fallible Monty

What happens if an IRB mistakenly approves unethical research?

Why did modems have speakers?

What is the best word describing the nature of expiring in a short amount of time, connoting "losing public attention"?

ExactlyOne extension method

Is an easily guessed plot twist a good plot twist?

Why is DC so, so, so Democratic?

Idioms: Should it be " the internet is a seemingly infinite well of information" or "the internet is a seemingly infinite wealth of information"

Are gangsters hired to attack people at a train station classified as a terrorist attack?

Is the statement "I/we am/are pressing charges" incorrect?

Why does the salt in the oceans not sink to the bottom?

How important is a good quality camera for good photography?

what to say when a company asks you why someone (a friend) who was fired left?

How can I deal with someone that wants to kill something that isn't supposed to be killed?

What Is the Meaning of "you has the wind of me"?

Using "Kollege" as "university friend"?

Identity Server 4 Authentication Too Slow

JWT (JSON Web Token) automatic prolongation of expirationSingle sign-on flow using JWT for cross domain authenticationIdentity Server 4 with OAuth and ADFSasp.net web form client with identity server 4IdentityServer4 with Asp.Net Identity and External Authentication fails to sign out.NET Core Identity Server 4 Authentication VS Identity AuthenticationConfiguring Identity Server to use ASP.NET Identity rolesCustom app login screen with identityserver4IdentityServer4 and Web Api in one project fails to authenticateStrange behaviour when accepting Bearer authentication and OpenIdConnect from a single client with IdentityServer4

.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty margin-bottom:0;

0

I just tried out the samples for identity server 4 in here for .Net Core

https://github.com/IdentityServer/IdentityServer4.Samples

On the QuickStarts I tested the ImplicitFlowAuthentication.

The thing is, it takes very long just to reach the login page on the identity server app sometimes.

I'm testing this in the intranet of our company and I was looking for a solution to centralize authentication for all of our applications.

Out of the box I really like how flexible identity server 4 is but i don't understand why it takes more than 20 seconds to reach the identity server 4. Today It took less than a second to access it but yesterday it took almost a minute to login and logout using the sample solution.

On the other hand I already have working solution with Jwt authentication using a Web API but I have to deal with many customizations and handle how i store the token on the clients.

So there's 2 options for me.

Option 1: Go with identity server 4 and try to optimize it as much as possible.

Option 2: Stay with Jwt Web Api Authentication and try to secure it as much as possible.

If anyone can help me choose and why for my situation please do so. My aim is to allow users on our company intranet to access every single application without having to login every time and avoid duplicating data for each app. Also the users are validated against a LDAP and i saw IdentityServer4 also has an extension.

If there are more options please advice.

EDIT

For testing IS4, I ran it locally, as the only user and in debug mode. I'm actually trying to find out if IS4 has some configuration that might slow down performance

asp.net-core jwt identityserver4

share|improve this question

edited Mar 26 at 15:38

ruipascoal

asked Mar 26 at 15:15

ruipascoalruipascoal

1777 bronze badges

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  How can we help, when you don't provide information on your exact issue? Where is it slow? development system? production? how many users? How many requests? did you check network issues? did you customize it? Are you in debugging mode (F5 mode, visual studio)?
  
  – Tseng
  Mar 26 at 15:26
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  I just ran the sample locally as the only user in debug mode. What i'm trying to find out is if there is actually something on the application itself that slows redirection
  
  – ruipascoal
  Mar 26 at 15:37
  

  
  
  
  


• 
  
  
  

  
  1
  

  
  
  
  
  
  

  
  
  Debug mode is much slower, but 20 seconds sounds excessive, 2-4 seconds are more realistic, 5-8 on first execution due to jitter. Detach the debugger (or Ctrl+F5)
  
  – Tseng
  Mar 26 at 15:39
  

  
  
  
  

add a comment | 

0

I just tried out the samples for identity server 4 in here for .Net Core

https://github.com/IdentityServer/IdentityServer4.Samples

On the QuickStarts I tested the ImplicitFlowAuthentication.

The thing is, it takes very long just to reach the login page on the identity server app sometimes.

I'm testing this in the intranet of our company and I was looking for a solution to centralize authentication for all of our applications.

Out of the box I really like how flexible identity server 4 is but i don't understand why it takes more than 20 seconds to reach the identity server 4. Today It took less than a second to access it but yesterday it took almost a minute to login and logout using the sample solution.

On the other hand I already have working solution with Jwt authentication using a Web API but I have to deal with many customizations and handle how i store the token on the clients.

So there's 2 options for me.

Option 1: Go with identity server 4 and try to optimize it as much as possible.

Option 2: Stay with Jwt Web Api Authentication and try to secure it as much as possible.

If anyone can help me choose and why for my situation please do so. My aim is to allow users on our company intranet to access every single application without having to login every time and avoid duplicating data for each app. Also the users are validated against a LDAP and i saw IdentityServer4 also has an extension.

If there are more options please advice.

EDIT

For testing IS4, I ran it locally, as the only user and in debug mode. I'm actually trying to find out if IS4 has some configuration that might slow down performance

asp.net-core jwt identityserver4

share|improve this question

edited Mar 26 at 15:38

ruipascoal

asked Mar 26 at 15:15

ruipascoalruipascoal

1777 bronze badges

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  How can we help, when you don't provide information on your exact issue? Where is it slow? development system? production? how many users? How many requests? did you check network issues? did you customize it? Are you in debugging mode (F5 mode, visual studio)?
  
  – Tseng
  Mar 26 at 15:26
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  I just ran the sample locally as the only user in debug mode. What i'm trying to find out is if there is actually something on the application itself that slows redirection
  
  – ruipascoal
  Mar 26 at 15:37
  

  
  
  
  


• 
  
  
  

  
  1
  

  
  
  
  
  
  

  
  
  Debug mode is much slower, but 20 seconds sounds excessive, 2-4 seconds are more realistic, 5-8 on first execution due to jitter. Detach the debugger (or Ctrl+F5)
  
  – Tseng
  Mar 26 at 15:39
  

  
  
  
  

add a comment | 

I just tried out the samples for identity server 4 in here for .Net Core

https://github.com/IdentityServer/IdentityServer4.Samples

On the QuickStarts I tested the ImplicitFlowAuthentication.

The thing is, it takes very long just to reach the login page on the identity server app sometimes.

I'm testing this in the intranet of our company and I was looking for a solution to centralize authentication for all of our applications.

Out of the box I really like how flexible identity server 4 is but i don't understand why it takes more than 20 seconds to reach the identity server 4. Today It took less than a second to access it but yesterday it took almost a minute to login and logout using the sample solution.

On the other hand I already have working solution with Jwt authentication using a Web API but I have to deal with many customizations and handle how i store the token on the clients.

So there's 2 options for me.

Option 1: Go with identity server 4 and try to optimize it as much as possible.

Option 2: Stay with Jwt Web Api Authentication and try to secure it as much as possible.

If anyone can help me choose and why for my situation please do so. My aim is to allow users on our company intranet to access every single application without having to login every time and avoid duplicating data for each app. Also the users are validated against a LDAP and i saw IdentityServer4 also has an extension.

If there are more options please advice.

EDIT

For testing IS4, I ran it locally, as the only user and in debug mode. I'm actually trying to find out if IS4 has some configuration that might slow down performance

asp.net-core jwt identityserver4

share|improve this question

edited Mar 26 at 15:38

ruipascoal

asked Mar 26 at 15:15

ruipascoalruipascoal

1777 bronze badges

share|improve this question

edited Mar 26 at 15:38

ruipascoal

asked Mar 26 at 15:15

ruipascoalruipascoal

1777 bronze badges

share|improve this question

edited Mar 26 at 15:38

ruipascoal

asked Mar 26 at 15:15

ruipascoalruipascoal

1777 bronze badges

asked Mar 26 at 15:15

ruipascoalruipascoal

1777 bronze badges

asked Mar 26 at 15:15

ruipascoalruipascoal

1777 bronze badges