claims-based-identity

问题 Sorry for my english. I have three projects: IdentityServer, Ensino.Mvc, Ensino.Api. The IdentityServer Project provides the main identity information and claims - claim Profile, claim Address, claim Sid... etc, from the IdentityServer4 library. The Ensino.Mvc Project gets this information in a token and sends it to the API, so that the MVC is grranted access to the resources. The token contains all the claims provided by IdentityServer. But in the API, I need to generate other claims that

问题 Suppose I have a front-end application that wants to fetch some data from a back-end service. (I do.) The service will need to verify that the end-user is authenticated, that it is authorized to use the service and possibly filter the returned data based on the user's privileges. In my case, both the front-end app and the back-end service relies on Azure ACS for authentication. Ideally the front-end would like to act on the behalf of the authenticated user, which sounds like a good fit for

问题 I get two different SID for the same user when the user is logging in through a Azure Web App (ASP.NET MVC) and Xamarin.iOS app Setup Azure WebApp ASP.NET 5 with API Controllers Xamarin iOS App with Microsoft.WindowsAzure.Mobile.Client SDK Azure B2C AAD User on Web I get the ObjectIdentifier value that is the AAD SID: var userClaim = ClaimsPrincipal.Current.FindFirst("http://schemas.microsoft.com/identity/claims/objectidentifier").Value; User on Mobile I get only a Nameidentifier value and no

问题 Is it possible to share the claims based authentication of a logged in Sharepoint 2010 user with a separate Asp.net application? The following article describes how it was done using Sharepoint 2007 and forms authentication through forms auth and sharing machine keys etc however I cannot find any information regarding the external application consuming the claims authentication that is now used in Sharepoint 2010? 回答1: Who authenticates the user in SP in your app? In a claims based

问题 I am trying to create an MVC5 Web Application configured to use the On-Premises Organizational Authenticated Option (ADFS) as described Here by Vittorio Bertocci First, I create new MVC project. Then I change the Authentication to On-Premises. Set the On-Premises Authority to my ADFS federation metadata Endpoint. I checked to make sure the federation metadata xml could be reached and it was. I leave the App ID URI field blank accepting the default value. I ve done both, provided a value and

问题 I've been looking for an exact answer but it seems most answers are client call and out of the scope. Question: I already have an access token access token. How to get a claim using c# code given an access token ONLY? I think: Below are the same questions but no answers i think fits. How to get the claims out of a authenticated SecurityToken How do I read claims from my Oauth token? 回答1: Install-Package Newtonsoft.Json The access token is just base64 encoded JSON. You can parse the token as

问题 Is it possible with an Owin Middleware implementation to add claims prior to the execution of a Web API controller? Created an OwinMiddleware implementation and added an identity: var id = new ClaimsIdentity(); id.AddClaim(new Claim("Whatever", "is possible")); context.Authentication.User.AddIdentity(id); await Next.Invoke(context); However, even this Invoke method call the identities are not updated (just the internal claims array). And the controller when executed of course never gets the

问题 I'm using ASP.NET Identity 2.2. I'm migrating the ASP.NET old membership to new Identity system. I am following the steps mentioned in this article for performing the migration. I have extended IdentityUser and added few more properties like follows: public partial class AspNetUser : IdentityUser { public AspNetUser() { CreateDate = DateTime.Now; IsApproved = false; LastLoginDate = DateTime.Now; LastActivityDate = DateTime.Now; LastPasswordChangedDate = DateTime.Now; LastLockoutDate =

问题 When I ask the information of the user WSO2, the response contains only his sub. Request GET https://srv-wso2.domain.com:9443/oauth2/userinfo?schema=openid Request headers {Accept=[application/json, application/*+json], Authorization=[Bearer 50ff3e7940248bdc01e2c1d33de77537], Content-Length=[0]} Response body {"sub":"RECIF/arnaud@carbon.super"} In repository/conf/identity/identity.xml file, OpenIdConnect is configured to use http://wso2.org/claims as UserInfoEndpointClaimDialect. I use an

问题 I have my configuration in web.config and it works fine. <configuration> <system.identityModel.services> <federationConfiguration> .... </federationConfiguration> </system.identityModel.services> </configuration> How do I move this out of web.config to a custom config file and load it from code? I want to use the same structure of this configuration so that I do not have to change anything in code if I have to change this configuration file. 回答1: You can tap into the WIF event from your