3
我已經使用微軟的「本地」組織帳戶認證機制創建了一個ASP.Net MVC 5網站。這最終配置爲指向我公司的ADFS基礎架構。我找回所有配置的聲明。但是,在運行時,ClaimsIdentity.Name是空的。這是因爲ClaimsIdentity.NameClaimType,默認情況下,似乎是:如何在ASP.Net MVC 5網站中設置NameClaimType?
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
不過,我想ClaimsIdentity.Name我映射到:
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier
據Microsoft Docs,地方設置這在web.config中是securityTokenHandlers元素的添加元素中:
<system.identityModel>
<identityConfiguration>
<securityTokenHandlers>
<add>
<samlSecurityTokenRequirement>
<nameClaimType value=xs:string>
</nameClaimType>
</samlSecurityTokenRequirement>
</add>
</securityTokenHandlers>
</identityConfiguration>
</system.identityModel>
在我的ASP.Net MVC 5 web.config中,看起來適用的唯一的事情,並通過intellisense檢查結果看起來像這樣:
<system.identityModel>
<identityConfiguration>
<securityTokenHandlers>
<add type="System.IdentityModel.Services.Tokens.MachineKeySessionSecurityTokenHandler, System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" >
<samlSecurityTokenRequirement>
<nameClaimType value="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier"/>
</samlSecurityTokenRequirement>
</add>
<remove type="System.IdentityModel.Tokens.SessionSecurityTokenHandler, System.IdentityModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
</securityTokenHandlers>
</identityConfiguration>
</system.identityModel>
但是,這似乎沒有效果。我的MVC應用程序仍然報告一個空白ClaimsIdentity.Name場和ClaimsIdentity.NameClaimType仍然是:
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
我應該我的web.config看起來喜歡我的現有要求到ClaimsIdentity.Name字段映射?