wif

问题 My Durandal SPA app performs BASIC authentication to acquire a session token which it then presents in headers to access Web API controller methods. This works fine. On successful authentication I cache the access_token in localStorage so I can re-acquire it from local storage to preserve the session in the event of browser closure or refresh. The token is re-acquired but it is rejected by the server with an Unauthorized message. This question starts by saying that the OP has successfully

问题 I would like to use Windows Identity foundation in an Azure WebSite. I noticed that Azure Websites support .Net 4.0 and not .Net 4.5. Does anyone know if there is a way to use WIF in an Azure WebSite? 回答1: Vittorio Bertocci (Mr. WIF himself) just posted a blog post on this topic: http://blogs.msdn.com/b/vbertocci/archive/2013/01/28/running-wif-based-apps-in-windows-azure-web-sites.aspx. 回答2: WIF 1.0 works fine in Azure - refer How to implement single sign-on with Windows Azure Active

问题 I've been put in charge of figuring out a way to allow users to authenticate into our forms based site. Our corporate IT has set up a development adfs server, and the relying party trust has been set up to one of our dev environments. I've been reading and looking for tutorials for about two weeks, so I'm by no means an expert, and I can't seem to understand how the STS (our ADFS server) is supposed to figure out which user is requesting authentication. I've been following Wiktor Zychla's

问题 I have been working on a WCF service which will return a Base64 encoded string which is, in reality, a full SAML response XML document. Because this information will be handed off to a vendor, I have to meet their requirements for how the SAML document will look and be encoded. I am having trouble getting an output which meets their requirements. I know WCF and WIF together should help me. I originally built the service using WIF to create the SAML Assertions (token) and other C# code to

问题 I'm building an ASP.NET web app that authenticates users with Windows Identity Foundation. The organization has an on-premise ADFS STS. Their Office365 authenticates through Microsoft Federation Gateway with the on-premise STS. The new web app will also authenticate against the on-premise STS with WIF. Can I establish silent single sign on between the new app and the Office365 environment? So the user will not have to log into Office365 once he is logged into the web app and vice versa. 回答1:

问题 I'm not sure why but my FederatedAuthentication.SessionAuthenticationModule is resolving as NULL and crashing my app when I try to run my ClaimsTransformer() module: public void EstablishSession(ClaimsPrincipal principal) { var sessionToken = new SessionSecurityToken(principal, TimeSpan.FromHours(8)) { IsPersistent = false, // make persistent IsReferenceMode = true // cache on server }; FederatedAuthentication.SessionAuthenticationModule.WriteSessionTokenToCookie(sessionToken); //

问题 When i try to invoke a WCF service from an asp.net application (RP) which is authenticated by another asp.net application(IP) , I'm getting an error message with content of Login page (It is trying to reach the login page because it could not authenticate the request). Identity Provider : _http://localhost/AuthenticatonWS/Login.aspx Relying party Website : _http://localhost/RPWebsite/Default.aspx WCF Service : _http://localhost/RPWebsite/Service1.svc (In my solution I'm calling service1.svc

问题 I have read this article: Identity Delegation with AD FS 2.0 Step-by-Step Guide on how to perform identity delegation using WIF from an ASP.NET application to a back end WCF service. I currently have an ASP.NET WebAPI REST service that I want to be able to call from my ASP.NET application using identity delegation, but I cannot find any information on how to accomplish this. The mentioned technet article uses CreateChannelActingAs to create a channel to the WCF service using the calling user

问题 I am developing an ASP.NET application. I have successfully added an STS reference to a stand-alone AD FS 2.0 server, so I can authenticate against a 3rd party's active directory. The problem is that I have more than one client who wishes to be able to authenticate against their own active directory. It seems that I can only add one STS reference to a project. How do I add multiple identity providers to an ASP.NET application and then programatically choose which provider I want to redirect

问题 I've implemented sliding sessions in my Relying Party application, as described in Sliding Sessions for WIF 4.5. That works great as far as it goes, but there's one problem that it seems nobody talks about. As the linked blog post points out, when the RP token expires, the next time make a request the token is re-issued from the STS. Assuming, of course, that the STS session lifetime is longer than the RP's session lifetime, which is almost certainly the case if you're implementing sliding