wif

问题 I've been using WIF to authenticate our new website, the STS is based upon the starter-sts implementation. To enable this to work correctly on out load balanced environment I've used the following in the global.asax to override the default certificate behaviour. void onServiceConfigurationCreated(object sender, ServiceConfigurationCreatedEventArgs e) { List<CookieTransform> sessionTransforms = new List<CookieTransform>(new CookieTransform[] { new DeflateCookieTransform(), new

问题 I'm working with a couple of WCF services all secured using WIF and a STS provider (all using out of the box Microsoft code and examples). These services were all built using .NET 3.5 and have all been recently updated to .NET 4.0. ALL .dlls associated with the services have been updated to 4.0 as well. These services had worked as-is for years until I updated the framework versions. The problem is now when a call is made to a WCF service that secured by the STS WCF service, there is an error

问题 I'm trying to retrieve some information from the LiveID API but am getting the error: The provided request does not include an access token. An access token is required in order to request this resource. the code is relatively simple; I'm including the library, calling the initialiser with the nameidentifier claim I get from WIF and then requesting the me path. from the error message I surmise I failed to provide an access token... but wouldn't my app have this already since I successfully

问题 I'm trying to create a relying party web application which will use a local ADFS as its issuer. Doing this in Visual Studio 2012 was fairly easy using the tooling that was provided. Now I'm trying to do the same thing in Visual Studio 2013, and the experience is a little different. Basically I've followed the steps outlined in this blog post. What I noticed is that there is no FederationMetadata.xml file in the project, and when I browsed through the files generated by the template, I found

问题 everyone. What does 'Expiration time buffer' mean? Let me explain this to you. In my Azure Cloud service project, there is only one Web Role. And I integrated the ACS namespace enabled with some identity provider. And the identity provider will issue an token. Anyhow, there will be a SessionSecurityToken instance. And my web role will handle its expiration. Here is the sample code, void SessionAuthenticationModule_SessionSecurityTokenReceived(object sender,

问题 I have a WIF RP, with multiple trusted issuers configured, e.g: <trustedIssuers> <add thumbprint="..." name="Issuer1" /> <add thumbprint="..." name="Issuer2" /> </trustedIssuers> I'm trying to get hold of which particular issuer a token came from. I was hoping the IssuerNameRegistry.GetIssuerName(...) would do the trick, but it seems to return null unless the supplied token is a an X509SecurityToken. In the WSFederationAuthenticationModule 's SecurityTokenReceived event I observe the

问题 I am using Windows Identity foundation to manage login to our site. When a user logs in i am using some information in his request to put into the claims. It is all working fine, but now I need to manage this scenario: user is already logged in, athenticated and has a valid token. But user decides to browses in again (via a redirect from another site) So his information in his request is different. I want to either Sign him out - so that he naturally creates a new token with his new

问题 How do I make my WCF client authenticate using the ACS to my internally hosted WCF service? The issue revolves around setting a custom Realm (which I can't figure out how to set.) My ACS is configured similar to the ACS Samples however the "Realm" is defined as shown below. Excerpt from Azure ACS Configuration page Client Side Code EndpointAddress serviceEndpointAddress = new EndpointAddress( new Uri( "http://localhost:7000/Service/Default.aspx"), EndpointIdentity.CreateDnsIdentity(

问题 I'm currently looking into using WIF for an upcoming project and would appreciate some help finding information. I've looked around a bit and don't have a decisive answer. I have a current site that runs off ASP membership, and I have a large number of users in those tables. Are there any trusted custom STS's out there that use the membership table? Would my current site, which uses ASP membership require much change to use WIF and a STS? Do I have to use a certificate when using WIF? What is

问题 I have an ASP.NET Web Site running in Visual Studio dev-fabric (azure project) and am using ACS and WIF. My authentication process isn't working because after I login I get this: A potentially dangerous Request.Form value was detected from the client (wresult="<t:RequestSecurityTo..."). The documentation states that I need to add <pages validateRequest="false" /> and <httpRuntime requestValidationMode="2.0" /> And I did - but I'm still getting the error. I've also added validateRequest="false