katana

问题 I'm trying to create a unified error handling/reporting in ASP.NET Web API 2.1 Project built on top of OWIN middleware (IIS HOST using Owin.Host.SystemWeb). Currently I used a custom exception logger which inherits from System.Web.Http.ExceptionHandling.ExceptionLogger and uses NLog to log all exceptions as the code below: public class NLogExceptionLogger : ExceptionLogger { private static readonly Logger Nlog = LogManager.GetCurrentClassLogger(); public override void Log

问题 I have a strange problem with using Owin cookie authentication. When I start my IIS server authentication works perfectly fine on IE/Firefox and Chrome. I started doing some testing with Authentication and logging in on different platforms and I have come up with a strange error. Sporadically the Owin framework / IIS just doesn't send any cookies to the browsers. I will type in a username and password which is correct the code runs but no cookie gets delivered to the browser at all. If I

问题 I set up a very simple ASP.NET MVC 5 application that tries to authenticate a user through an OpenID provider in Authorization Code mode. I'm able to log in and the server returns a code in the redirect URL querystring and a nonce cookie. However, back on the client application the user is not authenticated ( User.Identity.IsAuthenticated false), has no claims and called controller Action that has an Authorize attribute is never carried out. Browser stays on the redirect URL page which is the

问题 I am using Owin, Katana and Nancy to host a simple site with an authentication required section. Note I am also using nuget package - Nancy.MSOwinSecurity app.UseCookieAuthentication(new CookieAuthenticationOptions { AuthenticationType = Constants.AuthenticationType, LoginPath = new PathString("/Login"), }); app.UseNancy(); Here is my module code public class LoginModule : NancyModule { public LoginModule() { Post["login"] = p => { var name = Request.Form.name; var auth = Context

问题 In MVC5, which integrated with OWIN(Katana) via Microsoft.Owin.Host.SystemWeb.dll, why MVC handler didn't execute after IAppBuilder.Run method invoked, and did execute after IAppBuilder.Use method invoked? Here are my implementations: Case 1: public partial class Startup { public void Configuration(IAppBuilder app) { app.Use( async (context, next) => { await context.Response.WriteAsync(@"<h1>Before MVC</h1>"); await next.Invoke(); //What 's the "next" object now? await context.Response

问题 Due to potential firewall limitations and the need to have many instances of my app that cannot be competing for ports, I would like to use the Microsoft.Owin.Testing.TestServer class to create an in-memory web server that will serve requests to an embedded CefSharp browser (either WPF or Winforms is fine). I can create the TestServer with no issues. How can I configure the CefSharp WebBrowser control to use that Test Server rather than using the standard OS network stack? If I was forming my

问题 I wonder why asp.net mvc 5 Identity user uses string(GUID) as key not an int by default? Are there any reason to do this? I know that it is possible to change the key to int, but is this change good practice at all? May be this ids are kept somewhere in the cookie, or are used in OAUTH, and it is not recommended to do this? 回答1: Two things that come on top of my head are that int has a limitation where as GUID doesn't and that if I know my ID is 76, I can know the ids of at least 75 more

问题 I tried to implement a middleware just for my web API actions, so i found Map that is a extension method of IAppBuilder inerface. i checked katana source code [1], this method return an IAppBuilder same as Use method. but in owin/WebAPI i don't know why controllers dose not resolve after mapping? its clear after invoking next middleware, owin should run next middleware, but after mapping it seems there is no next middleware, where is my mistake? StartUp: public void Configuration(IAppBuilder

问题 I am trying to implement JWT authentication using OWIN middleware for my ASP.NET WebAPI 2.0. I am through with the first task of obtaining the jwt token from the OAuthAuthorizationServer. The resource owner and token server are same i.e same WebAPI generates the token and should consume too to provide access to resources. In my Global.asax file I have added the below code line GlobalConfiguration.Configure(FilterConfig.Configure); In my Filter.config I have added the following configure

问题 I want our service to advertise more than one authentication scheme: for example both Bearer and some custom scheme, say X-Custom. (I have an OWIN middleware component for each scheme). I take if from RFC 2616, sec 14.47 there is more than one way to do it: Option a) multiple headers WWW-Authenticate: Bearer WWW-Authenticate: X-Custom Option b) comma-separated list WWW-Authenticate: Bearer, X-Custom My preference would be option a) so a client only has to do something like Response.Headers