wif

Why am I getting a claim without a security token service?

孤街醉人 submitted on 2019-12-12 10:14:54
Question: I am following this tutorial which shows how to build a claims aware ASP.NET WebForms app, with a page that "displays the claims in the token that was issued to you by the Security Token Service". Note that the tutorial "does not have detailed instructions for creating a Security Token Service (STS), and assumes you have already configured an STS." Now I followed the tutorial but I did not set up an STS myself. When I ran the web app I saw a claim on that page, specifically: Claim Type: http:/

How to get user groups from on-premise ADFS claims

最后都变了- submitted on 2019-12-12 09:20:54
Question: I have followed this article to build a demo app with on-premise ADFS federation. http://www.cloudidentity.com/blog/2014/02/12/use-the-on-premises-organizational-authentication-option-adfs-with-asp-net-in-visual-studio-2013/ I am able to get the needed information for the user using simple code Dim UserEmail = System.Security.Claims.ClaimsPrincipal.Current.FindFirst(System.IdentityModel.Claims.ClaimTypes.Email).Value But how can I get the user groups where the username belongs and check if user account is

How to mix WIF and non-WIF endpoints in a single WCF <service>?

青春壹個敷衍的年華 submitted on 2019-12-12 09:09:12
Question: A WIF-based WCF service needs to call method FederatedServiceCredentials.ConfigureServiceHost(), or put the equivalent element <federatedServiceHostConfiguration> in the web.config file, to work. This is a setting on the service level, in other words, it applies for all endpoints. According to the method documentation, the ServiceHostBase instance is modified in several WIF-specific ways. For example, the authorization is replaced by a WIF-based authorization class. Now I'd like to have a

ASP.NET WIF Retrieve LDAP attributes as claims from AD FS server

走远了吗. submitted on 2019-12-12 04:57:02
Question: Completely new to ADFS, WIF, claims... I followed the code in the question: ASP.NET web forms - how to combine WIF authentication with membership provider and role provider and was able to use it to passively authenticate user logged in against AD FS. However, I'm at a loss as to how to query AD FS for this user to retrieve some of its LDAP attributes as I've configured them through the Relying Party Trust's Claims Rules as I configured within the ADFS Server. Any ideas? Was hoping to use

When custom SecurityTokenHandler gets triggered?

99封情书 submitted on 2019-12-12 03:05:15
Question: I have a simple REST Web Service. I have tried to implement SimpleWebToken security, therefore I created a custom SecurityTokenHandler with overridden CanReadToken and ReadToken, then I registered it in the web.config file. <system.identityModel> <identityConfiguration> <securityTokenHandlers> <clear/> <add type="TestTokens.SimpleWebTokenHandler, TestTokens"></add> </securityTokenHandlers> <audienceUris> <clear/> <add value="http://mytestrealm/"/> </audienceUris> </identityConfiguration> I thought

How to disable Subject Key Identifier in SecurityTokenResolver

二次信任 submitted on 2019-12-12 02:17:44
Question: I am processing a SAML2 token in WIF which contains an EncryptedAssertion. The mark-up does NOT contain a "Subject Identifier Key" Extension property and as such WIF SecurityTokenHandler fails as it tries to get the correct X509 certificate from the LocalMachineStore/Personal. The issue is clearly that the certificate used to encrypt the token does not contain the SKI Extension and of course the token generation code (Java) does not seem to require it. To avoid having to modify the

ASP.NET web forms - how to combine WIF authentication with membership provider and role provider

放肆的年华 submitted on 2019-12-12 01:08:29
Question: I'm using Windows Identity Foundation with form authentication in ASP.NET Web Forms in .NET 4.5. How can I combine WIF form authentication with my custom membership provider and my custom role provider defined in web.config? I want to use my custom membership provider to load additional user info from SQL DB such as email, birthday, avatar image. I want to use my custom role provider to obtain all roles from SQL DB for the authenticated user. My authentication method Authenticate(userName

Windows Azure ACS with PingIdentity STS

泄露秘密 submitted on 2019-12-11 19:53:44
Question: This is going to be a question really for someone who has knowledge with PingIdentity and ACS, which could be pretty limited. I've got my ACS set up, all working fine and I know how to add a custom STS (PingIdentity) but I can't find any of the PingIdentity Federation MetaData (FederationMetaData.xml) to authenticate with. Apparently our current system's workflow is such: Us -> Our PingIdentity server -> Supplier -> Supplier's PingIdentity server -> Route token back to us. Would I have to use

WIF, Duplex and Bindings

ε祈祈猫儿з submitted on 2019-12-11 18:38:42
Question: I've used WIF to create an STS but how can I get Duplex callbacks working? The current binding I'm using is WS2007FederationHttp, which I'm led to believe doesn't support Duplex. Can WIF support duplex? Answer 1: WIF can but that federation binding doesn't out of the box. You'll want to do something like: // Setting RequireClientCertificate = true enables mutual authentication (2 way SSL), originally disabled for WS2007FederationHttpBinding HttpsTransportBindingElement httpsBinding = outputBinding

How do I request additional claims from Passive STS with WIF?

谁说胖子不能爱 submitted on 2019-12-11 12:16:30
Question: I have the following: A website ASP.Net application acting as an Identity Provider (IDP STS); Federation Provider (FP STS); A Resource ASP.NET MVC WebSite acting as (RP). When trying to access a Resource in RP, it goes through the FP STS and gets redirected to IDP STS. User puts their credentials and upon validity of that, IDP provides some claims that are passed to FP STS and then sent back to RP. On the RP side, claims are received and resource is provided. How do I make additional claim requests