katana

How can I reject An identity? My class inherits from OAuthBearerAuthenticationProvider and I have an override of ValidateIdentity? I have tried setting context.Rejected(); or context.SetError(); and throwing an exception but my controllers still get called. OAuthBearerAuthenticationHandler does call my class so I know I have the setup correct. my current failing code public void ConfigureAuth ( IAppBuilder app ) { // Enable the application to use a cookie to store information for the signed in user // and to use a cookie to temporarily store information about a user logging in with a third

When I write to the response, Katana skips sending out the Elapsed-Time response header. How can I have it set the headers for me before I write to the stream for the first time? Middleware #1 public override async Task Invoke(IOwinContext context) { var stopwatch = new Stopwatch(); stopwatch.Start(); await Next.Invoke(context); stopwatch.Stop(); context.Response.Headers.Add("Elapsed-Time", new[] {stopwatch.ElapsedMilliseconds.ToString()}); } Middleware #2 public override async Task Invoke(IOwinContext context) { await context.Response.WriteAsync("test"); } After some research, the answer is

What is the difference between the following two ways of accessing the principle via an AuthorizeAttribute implementation? Using HttpContext : protected override bool IsAuthorized(HttpActionContext actionContext) { return HttpContext.Current.User.IsInRole("DemoRole"); } Using HttpActionContext : protected override bool IsAuthorized(HttpActionContext actionContext) { return actionContext.RequestContext.Principal.IsInRole("DemoRole"); } 来源： https://stackoverflow.com/questions/28235979/web-api-2-httpcontext-or-httpactioncontext

I'm trying to self-host a simple WebAPI: public class AccountViewApplication { protected IDisposable WebApplication; public void Start() { WebApplication = WebApp.Start<WebPipeline>("http://myhost.mymachine.me:12345"); new AccountViewApplication().Start(); } public void Stop() { WebApplication.Dispose(); } } The first time I run this, it starts to listen just fine, but the next time that I try - I get this: Failed to listen on prefix ' http://myhost.mymachine.me:12345/ ' because it conflicts with an existing registration on the machine What can I do to make it listen every time, and not

There are multiple question I have around self-hosting Self Hosting Nuget There are 2 nuget which provide self hosting : Microsoft.AspNet.WebApi.OwinSelfHost and Microsoft.AspNet.WebApi.SelfHost , so does microsoft have 2 implementation of self hosting?? or they are same?? Owin or Kitana the name of nuget is Microsoft.AspNet.WebApi.OwinSelfHost has OWIN, but as far as I read Owin is an interface and Kitana an implementation, what is the name of the nuget for implementation?? Hosting in Production I have managed to run the example by creating a console. But when deploying to prod, how to deploy

Can somebody explain how to implement sliding expiration using the new Owin WS-Federation plugin? On the client side, at WS-Fedeartion configuration I see that there are some events like : Notifications = new WsFederationAuthenticationNotifications { SecurityTokenReceived = ..., AuthenticationFailed = ..., RedirectToIdentityProvider = ..., MessageReceived = ..., SecurityTokenValidated = .... }, But because the lack of documentation I can't really figure it out where an how? At the moment my STS is issuing tokens with absolute expiration : protected override Lifetime GetTokenLifetime(Lifetime

If you create an empty ASP.NET Web Application project in Visual Studio 2013 open the package manager console and install-package Microsoft.Owin.Host.SystemWeb Add a Startup class with a Configuration(IAppBuilder app) method, for example: public class Startup { public void Configuration(IAppBuilder app) { app.Run(context => context.Response.WriteAsync("hello")); } } And run, you'll see hello show up in the browser. However, it you look at the project, there's no change to any files, namely to web.config, that indicates that the Owin pipeline is being used. More importantly, if you have the