adfs

问题 We have a site which relies on federated authentication using Active Directory Federation Services (ADFS) and WSFederationAuthenticationModule. The site also employs a set of XHR requests fired upon user interaction. One particular example is a drop-down menu which allows the user to impersonate other users. Another one is the faceting functionality on a site-wide search page. The problem is that the session expires when a user stays inactive on a page for certain amount of time. In normal

问题 I am developing an ASP.NET application. I have successfully added an STS reference to a stand-alone AD FS 2.0 server, so I can authenticate against a 3rd party's active directory. The problem is that I have more than one client who wishes to be able to authenticate against their own active directory. It seems that I can only add one STS reference to a project. How do I add multiple identity providers to an ASP.NET application and then programatically choose which provider I want to redirect

问题 An app is communicating via the Open ID Connect protocol with AWS Cognito , which is connected to ADFS , communicating via SAML. Cognito is essentially "proxying" the ADFS server. ADFS holds a group mapping that the app requires, and I would like to import these groups into Cognito as actual Cognito Group - which will then be read by the app from the cognito:groups from the ID-token Cognito provides. In the AWS Cognito User Pool setup, I don't see a way to map ADFS groups to Cognito Groups -

问题 I'm asking this question on the back of a previous question I raised, as the scope of the question has changed somewhat but that might be worth reading first for background info. I'm trying to programatically obtain data out of our Dynamics CRM instance, using a single set of admin credentials within a Node powered Express app. This Express app is hosted on a separate server outside of our network where CRM is hosted. The app will then request, process and serve CRM data back to any logged in

问题 I'm trying to implement a SAML 2.0 authentication against Windows ADFS for a web application. So far I succeeded in authenticating and getting what I need from ADFS by manually configuring the Relying Party Trust and the assigned Claim Rules. Now I want to provide federation metadata for my application to make it easier to set up the required stuff in ADFS. However I can't figure out how to pass the required Claim Rules in that metadata. Here's what I have so far: <?xml version="1.0"?>

问题 I want to retrieve a User's Group information from Azure AD. Using the following Graph API packages to achieve this Microsoft.Azure.ActiveDirectory.GraphClient Microsoft.IdentityModel.Clients.ActiveDirectory 2.13.112191810 I am able to successfully retrieve Users information from the Azure Graph API. But when I run this method to retrieve a User's groups, Fiddler shows a successful HTTP 200 response with JSON fragment containing group information however the method itself does not return with

问题 Hello so I've been trying to achieve WS-Fed SSO on my MVC6 web application, I've read a bit on authentification and all to identify my requirements. I have to use WsFederationAuth so no oauth nor saml protocol would work for me. Edit : After @Pinpoint suggestion I tried to use owin middleware to achieve the connection, but I will use the full framework DNX451 rather than DNXCore but it's something while waiting for ws-fed to be supported by Vnext. Pinpoint adapter extension: public static

问题 Been banging my head against a few walls with this so hoping some CRM/Dynamics experts can give me a hand! I'm trying to programatically obtain data out of our Dynamics CRM instance, using a single set of admin credentials within a Node powered Express app. This Express app is hosted on a separate server outside of our network where CRM is hosted. The app will then request, process and serve CRM data back to any logged in user who has access (controlled by roles/permissions within the app),

问题 We have an ASP.NET Web Forms(.Net 3.5) website application uses forms authentication. The application has got different customized authentication services which uses different SSO methods(eg. CAS) to validate user, those were implemented for different clients. Now the requirement is to implement an AD FS based authentication service with out making core changes to the Forms Authentication configurations. My questions: How to configure SAM in .Net 3.5 website Instead of redirecting to STS, is

问题 I am trying to access the Azure AD graph API. I have successfully added users to my test environment ( ADFS ) and changed their domain to {mytestdomain}.onmicrosoft.com . The password synchronization using Azure AD Connect works. Now I have setup the production environment (including ADFS ) accordingly and I am now synchronizing the users, but obviously can't change the domains to {mydomain}.onmicrosoft.com. The users now have {mydomain}.net and I am synchronizing the users to a verified