claims-based-identity

问题 I am identity 2.1.2 with asp.net core 2.0, I have application claim table which have claim type and claim value i.e Assets ,Assets Edit,Assets, Assets View, where claim types are same with distinct claim values and I am creating policies using claim type name which is working fine for me no clue about how to add multiple policies in one action. Below code is being used in startup file to create policies. services.AddAuthorization(options => { var dbContext =

问题 SigningCredentials on .NET Core is different from .NET 4.0 回答1: The equivalent code in .NET Core would be: var key = Encoding.UTF8.GetBytes(accessKey); var signingKey = new SymmetricSecurityKey(key); var signingCredentials = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256); The class names have changed a little, but everything should work the same. Make sure you are using the latest package versions. 来源： https://stackoverflow.com/questions/38089523/signingcredentials-on-net

问题 I have an application that used to use FormsAuthentication , and a while ago I switched it to use the IdentityModel from WindowsIdentityFramework so that I could benefit from claims based authentication, but it was rather ugly to use and implement. So now I'm looking at OwinAuthentication . I'm looking at OwinAuthentication and the Asp.Net Identity framework. But the Asp.Net Identity framework's only implementation at the moment uses EntityModel and I'm using nHibernate . So for now I'm

问题 I created my own dialect using the manaement console Configure-->Claim Management. After doing this, I wanted to configure my Service Provider to be associated with these claims, so I edited my SP and went to the Claim Configuration section. The issue I am running into is the only Local Claim claims which show up are the default wso2 ones. So you only ever see ones starting with http://wso2.org/claims/. With that said, I don't believe choosing Define Custom Claim Dialect is an appropriate

问题 Maybe this question highlights how little I know about claims identity management, but here it goes. If using WIF within an application that uses a third party STS for Identity and that uses custom claims for authorization ( something pertinent and specificto the application like CanCreateFooBar ) 1) How do I manage the users? Ie, the users from say AD or other membership provider can be identified, but internally in my system i need to know about them and have more user information that has

问题 I'm facing a very strange issue related to Azure AD and Azure App Service (Web App). I have a SPA built with Angular 1.5 + ADAL.JS, WebAPI (hosted on App Service) and Azure AD. I've created two applications into my Azure AD directory: - one native (SPA) - one web application (WebAPI). The Login and Logout workflows are working fine locally and on Azure. However, when I'm running on Azure and checking if an user is member of a group, the ClaimsPrincipal.Current.Claims only have one Claim. (I

问题 My application signs in via AzureAD, but now I need to get information from the DB and then store the Role as a Claim. So my question is: How can I store the Role as Claim after authentication ? This is what I tried: var user = User as ClaimsPrincipal; var identity = user.Identity as ClaimsIdentity; identity.AddClaim(new Claim(ClaimTypes.Role, "Admin")); But when I go to another controller, the claim does not exist anymore ? Thanks 回答1: You can achieve that during the authentication , in OIDC

问题 I'm writing a custom implementation of SessionSecurityTokenCache and I'm somewhat confused as to what the purpose of expiryTime is in the AddOrUpdate method. As far as I can tell, the default implementation for SessionSecurityTokenCache used by WIF is the internal class MruSessionSecurityTokenCache (mentioned here). In its implementation, expiryTime is completely ignored. Also, I notice while debugging that the value that gets passed in to AddOrUpdate appears to always be token.ValidTo plus 5

问题 I am creating a simple WebApi which allows users to connect with Facebook. When I get the accessToken back from facebook, I am calling RegisterExternal to create an Asp.Net Identity record and store the Claims from the token. These claims also include the access token which I require to query the facebook graph later. All seems fine up to this point. The issue I am having is reading the claims. I can see they are in my database I just cant figure out how to query this data. I have tried var

问题 I have a question regarding the SCP claim after using Azure to register an API that I've developed. I've followed various tutorials and sample applications. Everything validates correctly and I'm able to call a API Method from a trusted subsystem using primarily this tutorial: https://github.com/AzureADSamples/WebApp-WebAPI-OAuth2-AppIdentity-DotNet The problem that I'm having is when I try to validate the SCP claim: Claim scopeClaim = ClaimsPrincipal.Current.FindFirst("http://schemas