owin

How to separate large cookies in Asp.Net Identity into a smaller ones to allow MANY claims?

ぐ巨炮叔叔 提交于 2019-12-07 03:06:00
问题 I'm working on a prototype of a claims-based authorisation for our MVC application. We use Asp.Net Identity for authentication. We would like to have a claim for every controller action and then give/take away users' claims so we have a very fine control over who can go where. Our application already has 800+ actions and keeps growing. I have made a little test app to see how this number of claims can be handled. And run into a problem: cookies are limited to 4092 bytes. And having a large

OWIN Authentication with IIS Basic Authentication

我们两清 提交于 2019-12-07 01:58:27
问题 I created a new ASP.NET MVC 5 application with default access control provided by Visual Studio 2013 and Owin Middleware. I enabled basic authentication on IIS (disabling all the others authentications) to protect the site from people that don't have the user/password that I created on Windows. It result in a "redirect loop” in the browser. Any ideas why? How can I protect a web site without change the code? 回答1: By default in file Startup.Auth.cs, there will be something like this: app

Unable to run an asp.net 4.5 app on xsp on Mono 3

做~自己de王妃 提交于 2019-12-06 23:47:24
问题 I've build Mono 3.0.2 from source (tarball), and built XSP from both the latest tarball and the latest on Github, but I'm unable to run a relatively simple asp.net app using .net 4.5 because it sees 'targetFramework="4.5"' in the web.config as invalid. Building the app, and running a console .net 4.5 app works just fine. This is the web.config in question: <?xml version="1.0"?> <!-- For more information on how to configure your ASP.NET application, please visit http://go.microsoft.com/fwlink/

GetExternalLoginInfoAsync always return null when i trying login using Facebook or Google

送分小仙女□ 提交于 2019-12-06 23:36:38
问题 I have a problem with OWIN Authentication. I always receive null value from GetExternalLoginInfoAsync() when I trying log in using Facebook or Google. BUT there is some mystical case.. When I open Fiddler. I get correct data using this method. I can't get the reason var loginInfo = await AuthenticationManager.GetExternalLoginInfoAsync(); Thanks in advance!! 回答1: I have solved my problem by adding this code context.RequestContext.HttpContext.Response.SuppressFormsAuthenticationRedirect = true;

Owin self-host - Failed to listen on prefix 'http://localhost:12345/' because it conflicts with an existing registration on the machine

好久不见. 提交于 2019-12-06 23:13:08
问题 I'm trying to self-host a simple WebAPI: public class AccountViewApplication { protected IDisposable WebApplication; public void Start() { WebApplication = WebApp.Start<WebPipeline>("http://myhost.mymachine.me:12345"); new AccountViewApplication().Start(); } public void Stop() { WebApplication.Dispose(); } } The first time I run this, it starts to listen just fine, but the next time that I try - I get this: Failed to listen on prefix 'http://myhost.mymachine.me:12345/' because it conflicts

OWIN Cookie Authentication

旧巷老猫 提交于 2019-12-06 17:20:09
问题 I can't seem to get OWIN to work with Cookie based authentication. I have configured my OWIN token endpoint in Startup as: OAuthOptions = new OAuthAuthorizationServerOptions { TokenEndpointPath = new PathString("/Token"), Provider = new ApplicationOAuthProvider(PublicClientId), AccessTokenExpireTimeSpan = TimeSpan.FromDays(14), AllowInsecureHttp = true }; app.UseOAuthBearerTokens(OAuthOptions); I have also configured Cookie Authentication: app.UseCookieAuthentication(new

How to read MVC OWIN AuthenticationProperties?

社会主义新天地 提交于 2019-12-06 17:02:36
问题 I'm setting IsPersistent when signing the user in, how to read that value back? var identity = await UserManager.CreateIdentityAsync(appUser, DefaultAuthenticationTypes.ApplicationCookie); HttpContext.GetOwinContext().Authentication.SignIn(new AuthenticationProperties() { IsPersistent = false }, identity); 回答1: can you please try this, I haven't test it IAuthenticationManager AuthenticationManager { get { return HttpContext.GetOwinContext().Authentication; } } 回答2: AspNet.Identity gives you

OWIN and ASP.net membership in IIS 8.5 not working

五迷三道 提交于 2019-12-06 15:29:46
I created an ASP.NET MVC project in visual studio 2015. I used the Windows Identity Foundation based template for individual accounts available in visual studio. Then I configure it for facebook and Google. It works perfectly when i run it from Visual Studio or IIS 7.5. I Could redirect to Google or Facebook page and I was able to register using email and I could see the records saved in the database. However, when i deploy the app on IIS 8.5 running on windows server 2012 R2, on clicking the Facebook or google button, gives me 404 Resource Not Found Error. Server Error in '/' Application. The

Extending the Authorize attribute

允我心安 提交于 2019-12-06 12:28:31
问题 I'm implemented a [CustomAuthorization] attribute based on [Authorize] attribute. My attribute looks like this: public class CustomAuthorizeAttribute : AuthorizeAttribute { public eUserRole CustomRoles { get; set; } = eUserRole.Administrator; // If not specified, the required role is Administrator protected override bool IsAuthorized(HttpActionContext actionContext) { AuthorizationSystem auth = new AuthorizationSystem(actionContext.RequestContext.Principal, this.CopyleaksRoles); var res =

OWIN OAuth 2.0 - Bearer Token Never Expire

被刻印的时光 ゝ 提交于 2019-12-06 11:09:04
问题 I'm using the following OAuth provider and options: UserManagerFactory = () => new UserManager<IdentityUser>(new UserStore<IdentityUser>(new ApplicationDbContext())); OAuthOptions = new OAuthAuthorizationServerOptions { TokenEndpointPath = new PathString("/Token"), Provider = new ApplicationOAuthProvider(PublicClientId, UserManagerFactory), AuthorizeEndpointPath = new PathString("/api/AccountOwin/ExternalLogin"), AccessTokenExpireTimeSpan = TimeSpan.FromMinutes(2), AllowInsecureHttp = true };
订阅 owin