FederationPassive重定向问题 [英] FederationPassive redirect issue

问题描述

我们正在进行测试，使用一个简单的asp页面（部署为IIS默认网站default.aspx）作为RP从日内瓦服务器beta 2（部署在同一个IIS框中）检索声明。日内瓦服务器已配置为包含具有AD attirbutes映射声明的适当RP。

使用FedUtil修改web.confg文件后，我们通过浏览测试页面进行了快速测试（ https：// localhost ），我们注意到请求已重定向到"FederationPassive"。虚拟目录（ https：// localhost / FederationPassive / ）然后我们得到一个白页。

没有记录错误在Eventviewer，IIS日志文件和其他任何地方。 ASP.Net跟踪已启用，但浏览器中没有任何用处。

我注意到这个论坛中有一个类似的线程提到web.config文件必须包含< deny users ="？" />和< authentication mode =" None" />在授权元素中。我已经验证我的web.config文件确实包含FedUtil生成的那些元素。

以下是web.config文件中使用Federation Passive的关键行：

< federatedAuthentication>
< wsFederation passiveRedirectEnabled =" true" issuer =" https：// localhost / FederationPassive / " realm =" https：// localhost / " requireHttps = QUOT;真" />
< cookieHandler requireSsl =" true" />
< / federatedAuthentication>

非常感谢提前!!
谢尔曼

解决方案

谢尔曼 -
我是你，我会下载 Identity Developer Training Kit（2009年5月）并开设网站和身份验证实验室 - 练习3从日内瓦接受令牌服务器STS。我发现各种实验室非常容易理解，并且对日内瓦框架有了很好的介绍 - 更重要的是它们只是起作用。 Vittorio Bertocci描述了各种实验室在这里。

您可以下载Identity Developer培训套件此处点。

We are conducting a test to use a simple asp page (deployed as the IIS default website default.aspx) as a RP to retrieve claims from Geneva server beta 2 (deployed on the same IIS box). The Geneva server has been configured to include an appropriate RP with AD attirbutes mapped claims.

After using the FedUtil to modify the web.confg file we did a quick test by browsing to the test page (https://localhost), we noticed that the request has been redirect to the "FederationPassive" virtual directory (https://localhost/FederationPassive/) then we got a white page.

No errors were logged in Eventviewer, IIS log files and anywhere else. The ASP.Net trace has been enabled but nothing comes out useful in the browser.

I noticed a similar thread in this forum that mentions the web.config file must include <deny users="?" /> and <authentication mode="None" /> in the authorization element. I have verified that my web.config file does have those elements generated by the FedUtil.

The following are the key lines in the web.config file to use Federation Passive:

      <federatedAuthentication>
        <wsFederation passiveRedirectEnabled="true" issuer="https://localhost/FederationPassive/" realm="https://localhost/" requireHttps="true" />
        <cookieHandler requireSsl="true" />
      </federatedAuthentication>

Many thanks in advance!!
Sherman

解决方案

Sherman -

Were I you I would download the Identity Developer Training Kit (May 2009) and do the Web Sites and Identity lab - exercise 3 of which is Accepting Tokens from a Geneva Server STS. I have found the various labs to be really easy to follow and a great introduction to the Geneva Framework - and more importantly they just work. Vittorio Bertocci describes the various labs here.

You can download the Identity Developer Training Kit here.

这篇关于FederationPassive重定向问题的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！