wif

ASP.NET MVC 2 and authentication using WIF (Windows Identity Foundation)

夙愿已清 提交于 2019-11-28 04:33:13
Are there any decent examples of the following available: Looking through the WIF SDK , there are examples of using WIF in conjunction with ASP.NET using the WSFederationAuthenticationModule (FAM) to redirect to an ASP.NET site thin skin on top of a Security Token Service (STS) that user uses to authenticate (via supplying a username and password). If I understand WIF and claims-based access correctly, I would like my application to provide its own login screen where users provide their username and password and let this delegate to an STS for authentication, sending the login details to an

WIF 4.5 BootstrapContext security token null

假如想象 提交于 2019-11-27 17:14:37
问题 I am using the new 4.5 WIF stuff to authenticate users of the website and to secure the communication between my MVC website and WCF services. I have the website configured to save the bootstrap context so that I can re-use the same security token for all requests to the service layer. Under normal conditions all is working fine with each website request authenticated and the SecurityToken made available via the context to secure the WCF calls. If however the websites app domain is reset (e.g

How to encrypt JWT security token?

天大地大妈咪最大 提交于 2019-11-27 10:48:34
问题 I need to secure my web-token with signing and encryption. I wrote the next lines of code: var tokenHandler = new JwtSecurityTokenHandler(); var tokenDescriptor = new SecurityTokenDescriptor { Subject = new ClaimsIdentity(new[] { new Claim(ClaimTypes.Name, owner.Name), new Claim(ClaimTypes.Role, owner.RoleClaimType), new Claim("custom claim type", "custom content") }), TokenIssuerName = "self", AppliesToAddress = "http://www.example.com", Lifetime = new Lifetime(now, now.AddSeconds(60 * 3)),

Catch-22 prevents streamed TCP WCF service securable by WIF; ruining my Christmas, mental health

两盒软妹~` 提交于 2019-11-27 08:58:43
问题 I have a requirement to secure a streamed WCF net.tcp service endpoint using WIF . It should authenticate incoming calls against our token server. The service is streamed because it is designed to transfer large amounts of data n stuff. This appears to be impossible. And if I can't get around the catch, my Christmas will be ruined and I'll drink myself to death in a gutter while merry shoppers step over my slowly cooling body. Totes serious, you guys. Why is this impossible? Here's the Catch

How do I increase session timeout with W.I.F / SAML tokens / FedAuth cookie

此生再无相见时 提交于 2019-11-27 03:21:02
问题 I think the default timeout is something like every half hour. I'd like to change this to 2 weeks. Anyone got any ideas? Is this done usually from the STS side or the client side? Is forms authentication getting in the way too, or is that now irrelevant? 回答1: I just fixed this myself, persistentCookiesOnPassiveRedirects needs to be enabled on the RP In your web.config you need: <microsoft.identityModel> <federatedAuthentication> <wsFederation persistentCookiesOnPassiveRedirects="true" />

Federated Authentication on Azure

╄→尐↘猪︶ㄣ 提交于 2019-11-27 01:04:44
问题 I'm using WIF (.net 4.5), and Azure Active directory for authentication. The website will sit on Azure. Everything works as expected locally, however when I put it onto azure I get the error: The data protection operation was unsuccessful. This may have been caused by not having the user profile loaded for the current thread's user context, which may be the case when the thread is impersonating. I understand this is because the apps can't use DAPI, so I need to switch to protecting my app

ASP.NET MVC 2 and authentication using WIF (Windows Identity Foundation)

生来就可爱ヽ(ⅴ<●) 提交于 2019-11-27 00:29:40
问题 Are there any decent examples of the following available: Looking through the WIF SDK , there are examples of using WIF in conjunction with ASP.NET using the WSFederationAuthenticationModule (FAM) to redirect to an ASP.NET site thin skin on top of a Security Token Service (STS) that user uses to authenticate (via supplying a username and password). If I understand WIF and claims-based access correctly, I would like my application to provide its own login screen where users provide their

Decoding and verifying JWT token using System.IdentityModel.Tokens.Jwt

旧巷老猫 提交于 2019-11-26 21:29:05
I've been using the JWT library to decode a Json Web Token, and would like to switch to Microsoft's official JWT implementation, System.IdentityModel.Tokens.Jwt . The documentation is very sparse, so I'm having a hard time figuring how to accomplish what I've been doing with the JWT library. With the JWT library, there is a Decode method that takes the base64 encoded JWT and turns it into JSON which can then be deserialized. I'd like to do something similar using System.IdentityModel.Tokens.Jwt, but after a fair amount of digging, cannot figure out how. For what it's worth, I'm reading the JWT

Decoding and verifying JWT token using System.IdentityModel.Tokens.Jwt

有些话、适合烂在心里 提交于 2019-11-26 07:56:41
问题 I\'ve been using the JWT library to decode a Json Web Token, and would like to switch to Microsoft\'s official JWT implementation, System.IdentityModel.Tokens.Jwt. The documentation is very sparse, so I\'m having a hard time figuring how to accomplish what I\'ve been doing with the JWT library. With the JWT library, there is a Decode method that takes the base64 encoded JWT and turns it into JSON which can then be deserialized. I\'d like to do something similar using System.IdentityModel
订阅 wif