.NetCore code with sustainsys-saml2 does nothing

Deadly 提交于 2021-02-08 10:58:31

问题


I have an .Net MVC project with SSO working. The SSO config looks like this:

    <system.identityModel>
    <identityConfiguration saveBootstrapContext="true">
      <caches>
        <sessionSecurityTokenCache type="Vixion.IdentityModel.Cache.SharedSessionSecurityTokenCache, Vixion.IdentityModel.Cache">
          <cacheServiceAddress url="http://tvwapps35434d.kpnis.nl:1008/SessionSecurityTokenCacheService.svc" />
        </sessionSecurityTokenCache>
      </caches>
      <audienceUris>
        <add value="http://localhost:24442/" />
      </audienceUris>
      <securityTokenHandlers>
        <remove type="System.IdentityModel.Services.Tokens.MachineKeySessionSecurityTokenHandler, System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
        <add type="System.IdentityModel.Tokens.SessionSecurityTokenHandler, System.IdentityModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
        <add type="System.IdentityModel.Tokens.Saml2SecurityTokenHandler, System.IdentityModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
      </securityTokenHandlers>
      <certificateValidation certificateValidationMode="None" />
      <issuerNameRegistry type="System.IdentityModel.Tokens.ValidatingIssuerNameRegistry, System.IdentityModel.Tokens.ValidatingIssuerNameRegistry">
        <authority name="http://vix-make-o:8080">
          <keys>
            <add thumbprint="5137c779a1e77a0f4a78abd356b0238912637469" />
          </keys>
          <validIssuers>
            <add name="http://vix-make-o:8080" />
          </validIssuers>
        </authority>
      </issuerNameRegistry>
    </identityConfiguration>
  </system.identityModel>
  <system.identityModel.services>
    <federationConfiguration>
      <cookieHandler requireSsl="false" path="/" />
      <wsFederation passiveRedirectEnabled="true" issuer="http://vix-make-o:8080" realm="http://localhost:24442/" requireHttps="false" reply="http://localhost:24442/" />
    </federationConfiguration>
  </system.identityModel.services>

According to the example here: https://github.com/Sustainsys/Saml2/tree/master/Sustainsys.Saml2.AspNetCore2

I write this code in a new .NetCore app:

services.AddIdentity<IdentityUser, IdentityRole>()                
                .AddDefaultTokenProviders();

services.AddDistributedMemoryCache();

services.AddSession(options =>
{
    options.Cookie.HttpOnly = true;
});

services.AddMvc()
    .AddJsonOptions(options => options.SerializerSettings.ContractResolver = new DefaultContractResolver());

services.AddAuthentication()
    .AddSaml2(options =>
    {
        options.SPOptions.EntityId = new EntityId("http://vix-make-o:8080");
        options.IdentityProviders.Add(
            new IdentityProvider(
                new EntityId("http://vix-make-o:8080/ws_saml_metadata"), options.SPOptions)
            {
                //LoadMetadata = true
            });                    
    });

app.UseAuthentication();
app.UseSession();
app.UseMvc(routes =>
{
    routes.MapRoute(
        name: "default",
        template: "{controller=Home}/{action=Index}/{id?}");
});

When I start the app, the browser goes straight to the index page. No error, no nothing. When I check with SAML Chrome Panel it shows no traffic at all.

I do not expect my code working, but it should at least do something to give me a hint to how to go further.

Any suggestions are welcome.

Thank you.

S.


回答1:


Remove the web.config content. It is not used with the ASP.NET Core module.

Set back the LoadMetadata flag, or add the necessary config manually.

Set Saml2 as the default challenge protocol for authentication.

Finally, add an [Authorize] attribute to your controllers that should require authentication to initiate the authentication process.



来源:https://stackoverflow.com/questions/53189131/netcore-code-with-sustainsys-saml2-does-nothing

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!