Kentor AuthServices: ClaimTypeNamespace for SessionIndex and LogoutNameIdentifier

丶灬走出姿态 提交于 2019-12-11 05:29:58

问题


As a service provider we are getting following claims from IDP (ADFS).

  • http://kentor.se/AuthServices/LogoutNameIdentifier
  • http://kentor.se/AuthServices/SessionIndex

In AuthServices codebase AuthServicesClaimTypes.ClaimTypeNamespace is set to http://kentor.se/AuthServices. Should this namespace reflect SP (https://mysite/AuthServices)?

Also, under identityProviders configuration section (web.config), I am not setting logoutUrl, but still I am getting LogoutNameIdentifier claim from Idp. We do not support single logout.

Any suggestion is highly appreciated.

Thank you.


回答1:


  • No, they should not reflect the namespace of your SP. The claim names are is using http://kentor.se to ensure they cannot collide with something else.
  • It's a missing feature/bug that those claims are added even though you haven't configured single logout.


来源:https://stackoverflow.com/questions/40163052/kentor-authservices-claimtypenamespace-for-sessionindex-and-logoutnameidentifie

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!