thinktecture-ident-server

问题 I'm trying to Redirect user to Dashboard but it always redirect it to Home/Index that is because I've set RedirectUri to http://localhost:35641/ in Identity Server Options. But that is true in case of application landing page after login it needs to redirect o dashboard. I can write custom logic in Index's Action Result but I want to avoid it. MVC web Startup method public void Configuration(IAppBuilder app) { // Implicit mvc owin JwtSecurityTokenHandler.InboundClaimTypeMap = new Dictionary

问题 Have configured SSO via SAML and WS-Federation in Production using ADFS. New customer is asking to integrate SSO via OpenID Connect (oidc) with Google+. Identity Server v3 (IdSrv3) supports oidc, so I put together a prototype and I am able to integrate SSO using Google+ as follows: MyWebApp <-- ws-fed --> ADFS <-- ws-fed --> IdSrv3 <-- oidc --> Google+ Current configuration has IdSrv3 present the user a Login page with option to enter Username and Password and button to use Google+ as IdP.

问题 I was able to download and run locally, the MembershipReboot project. I was able to download and run on our test server the Thinktecture IdentityServer project. No major issues with each one by themselves. Now, I want to use MembershipReboot as part of my IdentityServer. I downloaded the sample code and I think I see where code replaces code. However, I'm blind as to what happens with the database. Which database becomes the master? Or do I run something to "upgrade" the IS database? How

问题 Given a scenario where a web hosted IdentityServer3 only handles authorization , being user authentication handled by an external custom service, what is required to implement to support this? A custom OWIN middleware? 回答1: Either connect to your "external custom service" form within your IUserService (idsrv specific) - or treat it as an external identity provider. In that case you need to write a Katana authentication middleware for it (reusable Katana component). For the UserService check

问题 I've implemented sliding sessions in my Relying Party application, as described in Sliding Sessions for WIF 4.5. That works great as far as it goes, but there's one problem that it seems nobody talks about. As the linked blog post points out, when the RP token expires, the next time make a request the token is re-issued from the STS. Assuming, of course, that the STS session lifetime is longer than the RP's session lifetime, which is almost certainly the case if you're implementing sliding

问题 I'm having some dramas making a call against a ServiceStack REST service which I've secured with an out of the box IdentityServer STS. I'm making an AJAX call against the REST endpoint, and I'm not sure how one might setup a logon procedure to get a security token to pass. The REST endpoint is on a different domain than the website making the call. The info that I've found so far all seems to revolve around the procedure where the client makes a call to the secured resource gets a 302

问题 We have configured Client App to use IdentityServer3 authentication via OpenID Connect protocol (it's ASP.NET MVC App that uses OWIN middleware to support OIDC). The IdentityServer3 itself is configured to use both local login and external login (Azure AD, for instance). In the regular flow once App need to authenticate user it redirects him to the IdentityServer3 login screen - it's fine. But in some cases, on per-request basis, I want to bypass login screen by somehow letting

问题 I am having a lot of trouble getting my asp.net 5 web app to be able to accept JWT tokens . I have the code already fully functional using mvc5 and just want some help converting this code to be identical but work with mvc6. The way it is set up is my client (web-site) is a trusted app and uses an IssuerSigningToken to validate the trusted app status, and after that I can just pass JWT tokens and get user and claims details back from auth server. old code: public void Configuration

问题 I have the following challenge: My company needs to enable SSO for a customer that has its own ADFS instance & IP in place. (in the future I'm sure we will need to federate with other companies too) We also need to continue to support customers authenticating against our SQL database. Basically I think what I need to do is set this up as described here http://msdn.microsoft.com/en-us/library/hh446524.aspx, but I would like to do this all using thinktecture identity server and not use ADFS. To

问题 There are many similar topics with same issue, but nothing relevant to my issue on Identity server. Probably am still failing to understand this. I am trying to implement identity server authentication by recreating this sample Sample GetToken() method is working fine, but when I call GetToken() method in my application I get error The remote certificate is invalid according to the validation procedure. I am realy not sure how semple working fine, but my code does not. This is code public