问题
I am following this tutorial which shows how to build a claims aware ASP.NET WebForms app, with a page that "displays the claims in the token that was issued to you by the Security Token Service".
Note that the tutorial "does not have detailed instructions for creating a Security Token Service (STS), and assumes you have already configured an STS."
Now I followed the tutorial but I did not setup an STS myself. When I ran the web app I saw a claim on that page, specifically:
Claim Type: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
Claim Value:
Claim Value Type:http://www.w3.org/2001/XMLSchema#string
Claim Subject Name:
Claim Issuer:LOCAL AUTHORITY
Since I didn't setup an STS, where did this claim come from?
In my web.config I have:
<system.identityModel>
<identityConfiguration>
<audienceUris>
<add value="http://localhost:28503/" />
</audienceUris>
<issuerNameRegistry type="System.IdentityModel.Tokens.ConfigurationBasedIssuerNameRegistry, System.IdentityModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
<trustedIssuers>
<add thumbprint="1234567890ABCDEFGHIJKLMNOPQRSTUVWXYZ1234" name="YourSTSName" />
</trustedIssuers>
</issuerNameRegistry>
<certificateValidation certificateValidationMode="None" />
</identityConfiguration>
</system.identityModel>
<system.identityModel.services>
<federationConfiguration>
<cookieHandler requireSsl="false" />
<wsFederation passiveRedirectEnabled="true" issuer="http://localhost:13922/wsFederationSTS/Issue" realm="http://localhost:28503/" reply="http://localhost:28503/" requireHttps="false" />
</federationConfiguration>
</system.identityModel.services>
But neither localhost:13922 nor localhost:28503 serve anything. (My web app is hosted at http://localhost:59392/)
来源:https://stackoverflow.com/questions/37443402/why-am-i-getting-a-claim-without-a-security-token-service