ws-federation

I am getting an error every time I try to run my MVC project on my development box through VS2015 and IIS Express. It uses this code to authenticate against our ADFS server. app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType); app.UseCookieAuthentication(new CookieAuthenticationOptions()); app.UseWsFederationAuthentication( new WsFederationAuthenticationOptions { Wtrealm = realm, MetadataAddress = adfsMetadata }); This is the error I am getting in the browser. [AuthenticationException: The remote certificate is invalid according to the validation procedure

Recently I have started using claim-based authentication on an existing web application. Because the application makes use of jQuery & more notably, the AJAX functions, I have had to alter the handlers not to attempt to redirect the XmlHTTPRequests , and instead return a 403 status which is easier to handle. Here is the FederatedAuthentication.WSFederationAuthenticationModule.AuthorizationFailed event hanlder: protected void WSFederationAuthenticationModule_AuthorizationFailed(object sender, AuthorizationFailedEventArgs e) { //WSFederationAuthenticationModule sam =

Can somebody explain how to implement sliding expiration using the new Owin WS-Federation plugin? On the client side, at WS-Fedeartion configuration I see that there are some events like : Notifications = new WsFederationAuthenticationNotifications { SecurityTokenReceived = ..., AuthenticationFailed = ..., RedirectToIdentityProvider = ..., MessageReceived = ..., SecurityTokenValidated = .... }, But because the lack of documentation I can't really figure it out where an how? At the moment my STS is issuing tokens with absolute expiration : protected override Lifetime GetTokenLifetime(Lifetime

I have a multi-tenant application where each tenant can define their own ClientID, Authority, etc for either WsFed or OpenIdConnect. All the tenants are registered in the OwinStartup as below: public void Configuration(IAppBuilder app) { List<WsFederationAuthenticationOptions> WsFedTenantOptions = BuildWsFedTenantOptionsList(); List<OpenIdConnectAuthenticationOptions> OpenIdConnectTenantOptions = BuildOpenIdConnectTenantOptionsList(); app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType); app.UseCookieAuthentication(new CookieAuthenticationOptions() {

I'm using WS Federated (Claims Aware) authentication on an MVC 3 site and am having trouble keeping some of my API controllers that send JSON from returning a redirect when the authentication fails. I have an Area called API with several controllers that just return JSON, these controllers all inherit from the same base class. I want to send down legitimate 401 error responses instead of 302 redirects that are happening by default. I followed some directions I found for creating a custom WSFederationAuthenticationModule in concert with a filter I put on my API controller actions: public class

I have created a new ASP.NET MVC application with .NET 4.5. I have successfully set up authentication with an STS. The authentication flow is working fine and I am able to get the ClaimsIdentity, containing the desired claims, on Thread.CurrentPrincipal. Now I need the bootstrap token to secure the calls to my service layer. I have set the saveBootstrapContext to true on the identityConfiguration element. <system.identityModel> <identityConfiguration saveBootstrapContext="true"> However, the BootstrapContext property on the ClaimsIdentity is always null. var identity = Thread.CurrentPrincipal