1. 首頁
  2. 問答
  3. 後登錄

後登錄

2015-11-20 57 views
0

即時得到無限的重定向我登錄後Owin WSFederation無限重定向。後登錄

我ConfigureAuth.cs就像

//defines default authentication to WSFederation 
app.SetDefaultSignInAsAuthenticationType(WsFederationAuthenticationDefaults.AuthenticationType); 

//Defines the MetadataAddress and realm 
app.UseWsFederationAuthentication(new WsFederationAuthenticationOptions 
{ 
     MetadataAddress = ConfigurationManager.AppSettings["ida:AdfsMetadataEndpoint"], 
     Wtrealm = ConfigurationManager.AppSettings["ida:Audience"] 
}); 

//Defines WSFederation cookie as default authentication type 
app.UseCookieAuthentication(new CookieAuthenticationOptions 
{ 
     AuthenticationType = WsFederationAuthenticationDefaults.AuthenticationType, 
});

我能到ADFS登錄頁,但是當它返回到我的應用程序不斷向ADFS詢問有效的身份驗證,在6次請求後,我被ADFS阻止。

更新1

事實證明,我需要指定發行人,TokenEndpoint和證書密鑰,出於某種原因owin沒得到從元數據這些值,所以我結束了複製元數據的值並在appsettings下的webconfig中使用它們。

public void ConfigureAuth(IAppBuilder app) 
    { 
      app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType); 
     app.UseCookieAuthentication(new CookieAuthenticationOptions { }); 

     app.UseWsFederationAuthentication(
      new WsFederationAuthenticationOptions 
      { 
       Wtrealm = ConfigurationManager.AppSettings["ida:Audience"], 
       AuthenticationType = WsFederationAuthenticationDefaults.AuthenticationType, 

       Configuration = getWsFederationConfiguration() 
      } 
     ); 
    } 

    private static WsFederationConfiguration getWsFederationConfiguration() 
    { 
     WsFederationConfiguration configuration = new WsFederationConfiguration 
     { 
      Issuer = ConfigurationManager.AppSettings["wsFederation:trustedIssuer"], 
      TokenEndpoint = ConfigurationManager.AppSettings["wsFederation:issuer"], 
     }; 

     configuration.SigningKeys.Add(new X509SecurityKey(new X509Certificate2(Convert.FromBase64String(ConfigurationManager.AppSettings["wsFederation:trustedIssuerSigningKey"])))); 

     return configuration; 
    }

來源

2015-11-20 BrunoMartinsPro

回答

0

事實證明,我需要指定頒發者,TokenEndpoint和證書密鑰,由於某種原因,owin沒有從元數據中獲取這些值,所以我最終複製了元數據的值並在appsettings下的webconfig中使用它們。

public void ConfigureAuth(IAppBuilder app) 
    { 
      app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType); 
     app.UseCookieAuthentication(new CookieAuthenticationOptions { }); 

     app.UseWsFederationAuthentication(
      new WsFederationAuthenticationOptions 
      { 
       Wtrealm = ConfigurationManager.AppSettings["ida:Audience"], 
       AuthenticationType = WsFederationAuthenticationDefaults.AuthenticationType, 

       Configuration = getWsFederationConfiguration() 
      } 
     ); 
    } 

    private static WsFederationConfiguration getWsFederationConfiguration() 
    { 
     WsFederationConfiguration configuration = new WsFederationConfiguration 
     { 
      Issuer = ConfigurationManager.AppSettings["wsFederation:trustedIssuer"], 
      TokenEndpoint = ConfigurationManager.AppSettings["wsFederation:issuer"], 
     }; 

     configuration.SigningKeys.Add(new X509SecurityKey(new X509Certificate2(Convert.FromBase64String(ConfigurationManager.AppSettings["wsFederation:trustedIssuerSigningKey"])))); 

     return configuration; 
    }

來源

2015-11-23 14:31:38 BrunoMartinsPro

2

如何觸發驗證?如果是通過[授權],您是否碰巧請求特殊用戶或角色?如果您要求登錄用戶沒有的角色,您最終會反彈。 另外,您應該更改通話順序:首先設置Cookie中間件,然後設置協議一。

來源

2015-11-20 18:51:50 vibronet

+0

是的我有一個授權覆蓋,我只是驗證,如果用戶有一個具體的要求。但問題是,由於某種原因,owin沒有從元數據中獲得我需要的值(請參閱更新1),謝謝 – BrunoMartinsPro

相關問題

 相關問題