WSFederationAuthenticationModule.RedirectingToIdentityProvider事件不叫 [英] WSFederationAuthenticationModule.RedirectingToIdentityProvider event is not called
问题描述
我有两个事件在我的Global.asax.cs文件
WSFederationAuthenticationModule_SecurityTokenValidated 和 WSFederationAuthenticationModule_RedirectingToIdentityProvider
WSFederationAuthenticationModule_RedirectingToIdentityProvider不受WIF引擎调用。为什么呢?
公共类MvcApplication:System.Web.HttpApplication
{
无效WSFederationAuthenticationModule_SecurityTokenValidated(对象发件人,SecurityTokenValidatedEventArgs E)
{
FederatedAuthentication.SessionAuthenticationModule.IsSessionMode = TRUE;
}
无效WSFederationAuthenticationModule_RedirectingToIdentityProvider(对象发件人,RedirectingToIdentityProviderEventArgs E)
{
//一些code
}
}
这是在web.config中microsoft.identityModel栏目
< microsoft.identityModel>
<服务saveBootstrapTokens =真正的>
< audienceUris模式=从不> < / audienceUris>
< federatedAuthentication>
< wsFederation passiveRedirectEnabled =真发行人=HTTP://localhost/dss.web.sts.tokenbaker/的境界=HTTP://localhost/dss.web.frontendrequireHttps =FALSE/>
<的CookieHandler requireSsl =FALSE/> < / federatedAuthentication> < issuerNameRegistry TYPE =Microsoft.IdentityModel.Tokens.ConfigurationBasedIssuerNameRegistry,Microsoft.IdentityModel,版本= 3.5.0.0,文化=中性公钥= 31bf3856ad364e35>
< trustedIssuers>
<加入指纹=308efdee6453fff68c402e5eceee5b8bb9eaa619NAME =servcert/> < / trustedIssuers>
< / issuerNameRegistry>
< /服务>
< /microsoft.identityModel>
您缺少在你的web.config以下行:
在configSections元素:
<节名称=system.identityModelTYPE =System.IdentityModel.Configuration.SystemIdentityModelSection,System.IdentityModel,版本= 4.0.0.0,文化=中性公钥= B77A5C561934E089 />
<节名称=system.identityModel.servicesTYPE =System.IdentityModel.Services.Configuration.SystemIdentityModelServicesSection,System.IdentityModel.Services,版本= 4.0.0.0,文化=中性公钥= B77A5C561934E089/>
在system.webServer元素
<模块>
<清除NAME =FormsAuthentication/>
<添加名称=WSFederationAuthenticationModuleTYPE =System.IdentityModel.Services.WSFederationAuthenticationModule,System.IdentityModel.Services,版本= 4.0.0.0,文化=中性公钥= b77a5c561934e089preCondition =managedHandler/>
<添加名称=SessionAuthenticationModuleTYPE =System.IdentityModel.Services.SessionAuthenticationModule,System.IdentityModel.Services,版本= 4.0.0.0,文化=中性公钥= b77a5c561934e089preCondition =managedHandler/>
< /模块>
您的观众尤里斯是空的。你必须指定你的web应用,所以它可以消耗此功能。因此,加入这一行:
< audienceUris>
<增加价值=HTTP://localhost/dss.web.frontend/>
< / audienceUris>
如果这个更改后你的问题reamined,可以实现从WSFederationAuthenticationModule派生您的自定义验证模块。事情是这样的:
公共类CustomAuthenticationModule:WSFederationAuthenticationModule
{
公共CustomAuthenticationModule()
{
base.SecurityTokenReceived + = CustomAuthenticationModule_SecurityTokenReceived;
} 公共无效CustomAuthenticationModule_SecurityTokenReceived(对象发件人,SecurityTokenReceivedEventArgs E)
{ } 保护覆盖无效OnAuthenticateRequest(对象发件人,EventArgs参数)
{
base.OnAuthenticateRequest(发件人,参数);
}
}
然后就在配置的变化,而不是把WSFederationAuthenticationModule与CustomAuthenticationModule适当的命名空间和装配签名。所以,你可以拦截你的委托电话。
希望这是对你有帮助。
Rastko
I have 2 events in my Global.asax.cs file
WSFederationAuthenticationModule_SecurityTokenValidated and WSFederationAuthenticationModule_RedirectingToIdentityProvider
WSFederationAuthenticationModule_RedirectingToIdentityProvider is not called by wif engine. Why?
public class MvcApplication : System.Web.HttpApplication
{
void WSFederationAuthenticationModule_SecurityTokenValidated(object sender, SecurityTokenValidatedEventArgs e)
{
FederatedAuthentication.SessionAuthenticationModule.IsSessionMode = true;
}
void WSFederationAuthenticationModule_RedirectingToIdentityProvider(object sender, RedirectingToIdentityProviderEventArgs e)
{
//some code
}
}
This is microsoft.identityModel section in web.config
<microsoft.identityModel>
<service saveBootstrapTokens="true">
<audienceUris mode="Never">
</audienceUris>
<federatedAuthentication>
<wsFederation passiveRedirectEnabled="true" issuer="http://localhost/dss.web.sts.tokenbaker/" realm="http://localhost/dss.web.frontend" requireHttps="false" />
<cookieHandler requireSsl="false" />
</federatedAuthentication>
<issuerNameRegistry type="Microsoft.IdentityModel.Tokens.ConfigurationBasedIssuerNameRegistry, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35">
<trustedIssuers>
<add thumbprint="308efdee6453fff68c402e5eceee5b8bb9eaa619" name="servcert" />
</trustedIssuers>
</issuerNameRegistry>
</service>
</microsoft.identityModel>
You are missing following lines in your web.config:
In configSections element:
<section name="system.identityModel" type="System.IdentityModel.Configuration.SystemIdentityModelSection, System.IdentityModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/>
<section name="system.identityModel.services" type="System.IdentityModel.Services.Configuration.SystemIdentityModelServicesSection, System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/>
In system.webServer element
<modules>
<remove name="FormsAuthentication" />
<add name="WSFederationAuthenticationModule" type="System.IdentityModel.Services.WSFederationAuthenticationModule, System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" preCondition="managedHandler" />
<add name="SessionAuthenticationModule" type="System.IdentityModel.Services.SessionAuthenticationModule, System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" preCondition="managedHandler" />
</modules>
Your audience Uris is empty. You have to specify your web application, so it can consume this functionality. So, add this line :
<audienceUris>
<add value="http://localhost/dss.web.frontend"/>
</audienceUris>
If your problems reamined after this changes, you can implement your custom authentication module derived from WSFederationAuthenticationModule. Something like this :
public class CustomAuthenticationModule : WSFederationAuthenticationModule
{
public CustomAuthenticationModule()
{
base.SecurityTokenReceived += CustomAuthenticationModule_SecurityTokenReceived;
}
public void CustomAuthenticationModule_SecurityTokenReceived(object sender, SecurityTokenReceivedEventArgs e)
{
}
protected override void OnAuthenticateRequest(object sender, EventArgs args)
{
base.OnAuthenticateRequest(sender, args);
}
}
and then just in config change instead of WSFederationAuthenticationModule put CustomAuthenticationModule with appropriate namespace and assembly signature. So you can intercept calls in your delegate.
Hope this is helpful for you.
Rastko
这篇关于WSFederationAuthenticationModule.RedirectingToIdentityProvider事件不叫的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!