claims-based-identity | 易学教程

Add claims on successful login and retrieve it elsewhere in the application

阅读更多关于 Add claims on successful login and retrieve it elsewhere in the application

问题 Please I need assistance in implementing a custom way of assigning claims to authenticated users. On successful login, var result = await SignInManager.PasswordSignInAsync(model.Email, model.Password, model.RememberMe, shouldLockout: false); switch (result) { case SignInStatus.Success: //Get the user ApplicationUser user = UserManager.FindByEmail(model.Email); //Ends here ClaimsIdentity identity = await UserManager.CreateIdentityAsync(user, DefaultAuthenticationTypes.ApplicationCookie);

Why is my ClaimsIdentity IsAuthenticated always false (for web api Authorize filter)?

阅读更多关于 Why is my ClaimsIdentity IsAuthenticated always false (for web api Authorize filter)?

In a Web API project I am overriding the normal authentication process to check tokens instead. The code looks something like this: if ( true ) // validate the token or whatever here { var claims = new List<Claim>(); claims.Add( new Claim( ClaimTypes.Name, "MyUser" ) ); claims.Add( new Claim( ClaimTypes.NameIdentifier, "MyUserID" ) ); claims.Add( new Claim( ClaimTypes.Role, "MyRole" ) ); var claimsIdentity = new ClaimsIdentity( claims ); var principal = new ClaimsPrincipal( new[] { claimsIdentity } ); Thread.CurrentPrincipal = principal; HttpContext.Current.User = principal; } And then later

Role-based access control (RBAC) vs. Claims-based access control (CBAC) in ASP.NET MVC

阅读更多关于 Role-based access control (RBAC) vs. Claims-based access control (CBAC) in ASP.NET MVC

What are the main benefits of using CBAC vs. RBAC ? When is it better to use CBAC and when is it better to use RBAC? I'm trying to understand the general concepts of the CBAC model but the general idea is still not clear for me. I will try to show how you can benefit from Claim Based Access Control in an ASP.NET MVC Context. When you are using Role based authentication, if you have an action for creating customer and you want that the people who are in 'Sale' role should be able to do that, then you write code like this: [Authorize(Roles="Sale")] public ActionResult CreateCustomer() { return

MVC5 (VS2012) Identity CreateIdentityAsync - Value cannot be null

阅读更多关于 MVC5 (VS2012) Identity CreateIdentityAsync - Value cannot be null

I am trying to setup OAuth for a an MVC5 site (in VS2012). I am using Fluent NHibernate. I have setup my own Userstore and pass in a repository object to access NHibernate session object. I pass my store into the default aspnet usermanager provider. This eventually worked for local registration and logging in. I am not trying to setup connecting / registering with Facebook. It gets a successful account. Adds a user in the user table, adds a record in the logins table and then blows up. I have not implements claims in the user store, or put a claims collection in the user object. (not sure if

Claim Based Authentication using WCF

阅读更多关于 Claim Based Authentication using WCF

问题 I am trying to learn Claim Based Authentication. The business services (based on SOAP) will be using this service for authentication. Can you please give a reference to a simplified implementation in WCF? Though my actual requirement will be in DataPower, I want to learn the concepts by doing hands on with simplified WCF implementations. It would be great that article/tutorial/video (with code download) can be implemented as a self hosted service in VS2010. Note: I don’t have a server to test

Claim based authorization design for conditional edit operation in ASP.NET MVC App

阅读更多关于 Claim based authorization design for conditional edit operation in ASP.NET MVC App

问题 Designing an ASP.Net MVC application authorization using claim based model. Lets say that we have an object called - Product. Typically, there are 4 different actions - Create, Edit, Delete and View. Authorization is done using ClaimsAuthorize attribute. [Authorize] public class ProductController : Controller { [ClaimsAuthorize("Product", "VIEW")] public List<Product> GetProducts() { // .... } [ClaimsAuthorize("Product", "CREATE")] public Product CreateNewProduct(Product product) { //.... } }

Can I use ADFS 2.0 to authenticate certain users against SQL Server?

阅读更多关于 Can I use ADFS 2.0 to authenticate certain users against SQL Server?

I have been using ADFS to authenticate users against AD fine, using a claims aware template in VS. Some of our users will not be in Active Directory, so I would like to know if its possible to configure ADFS to look up SQL Server for these users and then carry on as normal. Does ADFS2.0 provide custom authentication stores? is a similar question, just one person says yes it can be done and other says you can't. Marnix Klooster AD FS 2.0 can only authenticate against Active Directory (AD DS). This is not explicitly documented in the official AD FS 2.0 documentation, but it follows from the

How to use Windows Active Directory Authentication and Identity Based Claims?

阅读更多关于 How to use Windows Active Directory Authentication and Identity Based Claims?

问题 Problem We want to use Windows Active Directory to authenticate a user into the application. However, we do not want to use Active Directory groups to manage authorization of controllers/views. As far as I know, there is not an easy way to marry AD and identity based claims. Goals Authenticate users with local Active Directory Use Identity framework to manage claims Attempts (Fails) Windows.Owin.Security.ActiveDirectory - Doh. This is for Azure AD. No LDAP support. Could they have called it

Anti-forgery token issue (MVC 5)

阅读更多关于 Anti-forgery token issue (MVC 5)

问题 I am having an issue with the anti-forgery token :( I have created my own User class which worked fine but now I am getting an error whenever I go to the /Account/Register page. The error is: A claim of type 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier' or 'http://schemas.microsoft.com/accesscontrolservice/2010/07/claims/identityprovider' was not present on the provided ClaimsIdentity. To enable anti-forgery token support with claims-based authentication, please

ASP.NET MVC 2 and authentication using WIF (Windows Identity Foundation)

阅读更多关于 ASP.NET MVC 2 and authentication using WIF (Windows Identity Foundation)

问题 Are there any decent examples of the following available: Looking through the WIF SDK , there are examples of using WIF in conjunction with ASP.NET using the WSFederationAuthenticationModule (FAM) to redirect to an ASP.NET site thin skin on top of a Security Token Service (STS) that user uses to authenticate (via supplying a username and password). If I understand WIF and claims-based access correctly, I would like my application to provide its own login screen where users provide their