claims-based-identity

问题 I have successfully linked aspnetusers table to my custom users table as one-to-one relationship. Now when i go to register all information is successfully added to both tables except one thing - Id. My pk userId in users table is an AutoIncrement key and i wish to add the same value in the id field of aspnetUsers table. I think i will have to override createAsync or do i remove from SignInAsync await user.GenerateUserIdentityAsync(UserManager) Inside AccountController Register method, I have

问题 i work at a company where all my web-applications connect to the LDAP-Directories or the AD for Authentication and/or Authorisation purposes. Generally this works quite well. Nowadays though - especially due to the latest introdution to SP2010 - people are looking forward to single sign ons and don't wanna re-login. So my Question: Is there any way to make PHP Claim the Authentication from Windows? I mean sure SharePoint does it with WIF on IIS - maybe theres a way PHP is as awesome :P My

问题 In my previous post i asked how to check/add user roles, but now i face another problem. Since microsoft moved to the new Identity 2.0, AuthorizeAttribute doesn't work anymore. Is there any substitute filter for the Authorize? EDIT: I've made some tests and [Authorize(Users = "SOME_ID")] works, but not [Authorize(Roles = "Admin")]. And i verified if the user was really in that role (Admin) 回答1: Actually [Authorize(Roles = "ROLENAME")] working fine. Check your userRoles (or AspNetUserRoles)

问题 App Service uses federated identity, in which a third-party identity provider manages the user identities and authentication flow for you. Five identity providers are available by default. The documentation states that you can also integrate another identity provider. The App Service documentation on authentication and authorization, here: https://docs.microsoft.com/en-us/azure/app-service/overview-authentication-authorization states that besides the Identity providers which are pre

问题 I am trying to wrap my head around several concepts here but I don't want this question to be too broad - basically what we are trying to do is use role claims as permissions to lock down our API but I am finding that the access_token is becoming too big. We are using OpenIddict and ASP.NET Identity 3 on the server side. We have implemented the default AspNetRoleClaims table to store our claims for each role - using them as permissions. We lock down our API endpoints using custom policy based

问题 I am using OWIN 2.0, and after I log in a user, I want to retrieve an existing claim from the database but if I try to get the user's claims they are empty. If I put the same code in any of the subsequent controllers that gets called then the claims are there. It seems that the claims are not available until the next request after the initial login. Why is this? var claimsIdentity = User.Identity as ClaimsIdentity; var testClaim = claimsIdentity.Claims.Where(r => r.Type == "TestClaim")

问题 I'm implementing Asp.NET MVC application with Identity 2.x Authentication and Authorization model. During LogIn process I add Custom Claims (not persisted in the DB!), deriving from data passed in the LogIn from, to the Identity and I can correctly access them later on, until the identity gets regenerated. [HttpPost] [AllowAnonymous] [ValidateHeaderAntiForgeryToken] [ActionName("LogIn")] public async Task<JsonResult> Login(LoginViewModel model, string returnUrl) { if (!ModelState.IsValid)

问题 I have read this article: Identity Delegation with AD FS 2.0 Step-by-Step Guide on how to perform identity delegation using WIF from an ASP.NET application to a back end WCF service. I currently have an ASP.NET WebAPI REST service that I want to be able to call from my ASP.NET application using identity delegation, but I cannot find any information on how to accomplish this. The mentioned technet article uses CreateChannelActingAs to create a channel to the WCF service using the calling user

问题 How can I extend the IdentityRoles to work with an extended AspNetRoles Table? in ASP MVC 5, with Identity 2.2 I looked here & here the answers do not help with DB First EF Step 1: I extended/added the CompanyId & DescRole (to make Role unique by company/tenant) CREATE TABLE [dbo].[AspNetRoles] // EXTENDED role table [Id] [nvarchar](50) NOT NULL, [Name] [nvarchar](50) NOT NULL, [Description] [nvarchar](50) NOT NULL, // EXTENDED [CompanyId] [nvarchar](50) NOT NULL, // EXTENDED Company/Tenant

问题 Background We are transitioning to Claims-Based auth in our app (on .NET 4.5) We currently have authentication via Asp.net membership & domain auth working correctly. The domain portion looks like this (generalized a little): var context = new PrincipalContext(ContextType.Domain, ADDomainName); return context.ValidateCredentials(username, password); Problem / Goal Sometimes we (or some consultants we use) are on a VPN connection using machines that can see our domain servers, but that aren't