thinktecture

问题 In my setup I have IdentityManager on the same host of IdentityServer. All the required configuration is on database. To create my setup I have taken in consideration this question on stackoverflow.com and then followed all the regarding discussion on this github issue. I have also subscribed to Gitter to find the conversation mentioned on the SO question referenced. My setup is almost identical to the one of @ilter. However in my case I keep getting Error: You are not authorized to use this

问题 In my setup I have IdentityManager on the same host of IdentityServer. All the required configuration is on database. To create my setup I have taken in consideration this question on stackoverflow.com and then followed all the regarding discussion on this github issue. I have also subscribed to Gitter to find the conversation mentioned on the SO question referenced. My setup is almost identical to the one of @ilter. However in my case I keep getting Error: You are not authorized to use this

问题 Brock Allen released the new beta version of IdentityManager last week. There are quite some changes in the security model, so the configuration also changed. He even took some videos (Setting up ASP.NET Identity and Security and IdentityManager) on how to configure the new version properly. These well explain the usage in a classic ASP.NET MVC application, and also ADFS setup, but I couldn't find any help or sample code about how to make it work side by side with Identity Server v3. Can you

问题 Given a scenario where a web hosted IdentityServer3 only handles authorization , being user authentication handled by an external custom service, what is required to implement to support this? A custom OWIN middleware? 回答1: Either connect to your "external custom service" form within your IUserService (idsrv specific) - or treat it as an external identity provider. In that case you need to write a Katana authentication middleware for it (reusable Katana component). For the UserService check

问题 We have configured Client App to use IdentityServer3 authentication via OpenID Connect protocol (it's ASP.NET MVC App that uses OWIN middleware to support OIDC). The IdentityServer3 itself is configured to use both local login and external login (Azure AD, for instance). In the regular flow once App need to authenticate user it redirects him to the IdentityServer3 login screen - it's fine. But in some cases, on per-request basis, I want to bypass login screen by somehow letting

问题 Following @leastprivilege answer in my previous question, I concluded that neither are possible solutions: The login service doesn't support REST authentication (thus, can't use IUserService.AuthenticateLocalAsync and just connect to it) I don't need it to be an additional provider, I need it to substitute IS3 one, ie, instead of showing the local login + additional providers, I need the /login page to be the one from a different service. Can this be customized or do I need to change