是否有可能获得ACS索赔没有编辑的web.config？ [英] Is it possible to get ACS claims without editing web.config?

问题描述

是否有可能成立的境界网址，声明类型等为蔚蓝ACS没有编辑的web.config？您可以设置这些必需的元素编程不知何故？

Is it possible to set up the realm URL, claim types, etc for azure ACS without editing the web.config? Can you set up these required elements programmatically somehow?

编辑：
具体来说，我想摆脱这种

Specifically I want to get rid of this:

<federatedAuthentication>
    <wsFederation passiveRedirectEnabled="true" issuer="https://mynamespace.accesscontrol.windows.net/v2/wsfederation" realm="http://localhost:81/" requireHttps="false" />
</federatedAuthentication>

基本上，我不希望在web配置被指定的境界，而是在code的地方。我试着重写ClaimsAuthenticationManager和注释掉的部分以相关FederatedAuthentication的code。我重写身份验证code被击中，但它不包含任何索赔要求。我假设，这是因为FederatedAuthentication是它得到了重写ClaimsAuthenticationManager正常之前它执行自己的身份验证的中介。有没有办法来覆盖以类似的方式FederatedAuthentication部分？或者是有传递到了我可以用它来完成我自己的认证覆盖身份验证方法的信息？

Basically, I don't want the realm being specified in the web config, but rather in code somewhere. I've tried overriding ClaimsAuthenticationManager and commenting out the portions to the code related to FederatedAuthentication. My overridden authenticate code is hit, but it doesn't contain any claims. I'm assuming that this is because FederatedAuthentication is an intermediary which performs its own authentication before it gets to the overridden ClaimsAuthenticationManager normally. Is there a way to override the FederatedAuthentication portion in a similar manner? Or is there information passed into the overridden authenticate method that I can use to perform my own authentication?

推荐答案

要从web配置删除XML行，我做我自己的WSFederationAuthenticationModule覆盖旧的，像这样：

To remove that xml line from the web config, I made my own WSFederationAuthenticationModule overriding the old one, like so:

public class CustomWSFederationAuthenticationModule : WSFederationAuthenticationModule
{
    protected override void InitializePropertiesFromConfiguration(string serviceName)
    {
        this.Realm = "http://localhost:81/";
        this.Issuer = "https://acsnamespace.accesscontrol.windows.net/v2/wsfederation";
        this.RequireHttps = false;
        this.PassiveRedirectEnabled = true;
    }
}

和web.config中的重要组成部分：

And the important part of the web.config:

<modules runAllManagedModulesForAllRequests="true">
  <add name="WSFederationAuthenticationModule" type="CustomModuleLocation.CustomWSFederationAuthenticationModule, CustomModuleLocation" preCondition="managedHandler"/>
  <add name="SessionAuthenticationModule" type="Microsoft.IdentityModel.Web.SessionAuthenticationModule, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" preCondition="managedHandler" />
</modules>

另外，XML的federatedAuthentication部分完全删除。

Also the federatedAuthentication section of the XML is removed entirely.

这篇关于是否有可能获得ACS索赔没有编辑的web.config？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！