adfs

Authentication / Authorization MVC 5 and Web API - Katana/Owin

纵然是瞬间, submitted on 2019-12-31 10:46:58
Question: I'm having problems trying to decide on a route to take on a project I have. I've been reading up on OWIN specs and Katana implementation within .NET. The reason why I'd like to go with the Katana route is because of the OWIN components associated with ADFS and Token/Cookie generation. I have two projects, one for MVC 5 website, and one for Web API. They may rest on two separate servers in the future, but for now they are on the same. I know I will be using IIS, so the Owin pipeline isn't

InitializePropertiesFromConfiguration(String serviceName) NullReferenceException

风格不统一, submitted on 2019-12-31 05:24:09
Question: I have configured 'SessionAuthenticationModule' based on the instructions from http://www.wiktorzychla.com/2014/11/forms-authentication-revisited-for-net.html. My application is in .NET 3.5 so I changed the library mappings based on "Namespace Mapping between WIF 3.5 and WIF 4.5". When I run it, it is throwing the exception shown below. " Object reference not set to an instance of an object. Description: An unhandled exception occurred during the execution of the current web request. Please

Digest verification failed

醉酒当歌, submitted on 2019-12-25 16:51:41
Question: I'm developing a .NET web application which uses ADFS to manage users and logins. On my personal development machine and on our testing environment everything works fine. However, after publishing the application to the target production server I'm getting the following exception: [CryptographicException: Digest verification failed for Reference '#_ed85954d-e2b3-44a1-a455-f13b8eca5756'.] System.IdentityModel.Reference.EnsureDigestValidityIfIdMatches(String id, Object resolvedXmlSource)

wfresh not working with WS-Federation via ADFS

孤人, submitted on 2019-12-25 11:53:02
Question: I have an application that authenticates against ADFS 2 via WS-Federation. I look for a specific claim when I get the response back from ADFS and based on that claim, I am able to authorize the user into my application. I want to create an enhancement in which when a user authenticates against ADFS and comes back to my application WITHOUT the claim I require, that I redirect them back to the Identity Provider (ADFS), but this time FORCING them to provide their credentials again. I wrote my

Authenticate Web UI using OAuth2 Access Token from ADFS

霸气de小男生, submitted on 2019-12-25 08:23:11
Question: In an Ionic mobile app, we need to access the web API and to show a Web UI (both SharePoint) in an Ionic WebView (essentially a browser inside the app). We're using OnPrem ADFS on Windows Server 2012 and OnPrem SharePoint 2013. Here's what we do: 1. In ADFS3, Setup OAuth2 and add a Relying Party Trust and a Client http://www.gi-architects.co.uk/2016/04/setup-oauth2-on-adfs-3-0/ 2. From the mobile app, call ADFS to obtain an OAuth Access Token First, GETing: https://myadfsdomain/adfs/oauth

MSIS9649: Received invalid OAuth request. The 'assertion' parameter value is not a valid access token

被刻印的时光 ゝ, submitted on 2019-12-24 19:24:12
Question: I am trying to implement ADFS4 - OAuth (OpenID connect) for authentication and webapp to webapi communication. I have configured the ADFS application group accordingly and use the OpenIdconnectauth pipeline in the webapp for authentication. In order to call the webapi, if I request an access token using just the client credential grant, it works fine as I receive a valid access token and am able to get to the API. However, the access token does not have any user details in it, which I need at the webapi end. So,

How does WIF (WSFederationAuthentication) know which user I am?

▼魔方 西西, submitted on 2019-12-24 07:38:03
Question: I've been put in charge of figuring out a way to allow users to authenticate into our forms based site. Our corporate IT has set up a development ADFS server, and the relying party trust has been set up to one of our dev environments. I've been reading and looking for tutorials for about two weeks, so I'm by no means an expert, and I can't seem to understand how the STS (our ADFS server) is supposed to figure out which user is requesting authentication. I've been following Wiktor Zychla's

Adding two claim providers with same certificates ADFS (SAML2.0)

眉间皱痕, submitted on 2019-12-24 04:24:06
Question: I have been trying to add a "virtual" claim provider (SAML 2.0 Identity Provider) in ADFS; I have another claim provider with the same certificate. I get this error on ADFS 2.0 in Windows Server 2012: MSIS7600 Each Signing Certificate value for a claims provider Trust must be unique across all claims provider trusts in ADFS 2.0 configuration. Is there any workaround to avoid this issue? Answer 1: No, I got the same thing here. Apparently it must be unique. I tried to add 2 tenants (2 customers) coming

Pass SAML token into web api call

孤者浪人, submitted on 2019-12-24 03:31:33
Question: I have a web application and web api services that authenticate through ADFS. They are contained in the same IIS application, and the web app makes calls back to the web api services without a problem. I'm now trying to call the same services from a different application, but am having trouble passing the token. I am able to authenticate and retrieve a SAML token with the following code: var stsEndpoint = "https://MyAdfsServer/adfs/services/trust/13/UsernameMixed"; var reliantPartyUri =