为什么 FederatedAuthentication.WSFederationAuthenticationModule 在 MVC Azure ACS 联合身份验证中为 null? [英] Why would FederatedAuthentication.WSFederationAuthenticationModule be null in MVC Azure ACS Federated Authentication?
问题描述
I'm trying to put together FederatedAuthentication with .NET 4.5, MVC 4, and active redirect using a custom server-side login page, using code from this tutorial, and from this code sample.
重定向到我的 AccountController 的 LogOn 方法工作正常,方法如下所示:
Redirecting to the LogOn method of my AccountController works fine, and the method looks like this:
public ActionResult LogOn()
{
HrdClient hrdClient = new HrdClient();
WSFederationAuthenticationModule fam = FederatedAuthentication.WSFederationAuthenticationModule; /*** Fails here because this is null **/
HrdRequest request = new HrdRequest(fam.Issuer, fam.Realm, context: Request.QueryString["ReturnUrl"]);
IEnumerable<HrdIdentityProvider> hrdIdentityProviders = hrdClient.GetHrdResponse(request);
ViewData["Providers"] = hrdIdentityProviders;
return View();
}
这失败了,因为 FederatedAuthentication.WSFederationAuthenticationModule 为空.
This fails because FederatedAuthentication.WSFederationAuthenticationModule is null.
使用 VS 2012,我运行了新的身份和访问向导(它似乎取代了旧的 STS 对话框).这给了我一个 FederationMetadata 文件夹,它看起来是正确的,并且对我的 Web.Config 进行了一些修改.特别是,模块部分如下所示:
Using VS 2012, I've run the new Identity and Access wizard (which seems to replace the old STS dialog). This has given me a folder of FederationMetadata, which appears correct, and several modifications to my Web.Config. In particular, the modules section looks like this:
<system.webServer>
<validation validateIntegratedModeConfiguration="false" />
<modules runAllManagedModulesForAllRequests="true">
<add name="WSFederationAuthenticationModule" type="System.IdentityModel.Services.WSFederationAuthenticationModule, System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" preCondition="managedHandler" />
<add name="SessionAuthenticationModule" type="System.IdentityModel.Services.SessionAuthenticationModule, System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" preCondition="managedHandler" />
</modules>
并且看到了 SO 答案 8937123 和 8926099,我还添加了以下内容:
And having seen SO answers 8937123 and 8926099, I've added the following as well:
<httpModules>
<add name="WSFederationAuthenticationModule" type="Microsoft.IdentityModel.Web.WSFederationAuthenticationModule, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
</httpModules>
最后我的 nuget 包配置显示 Microsoft.IdentityModel,MVC 应用程序正确引用了它:
And finally my nuget packages config shows Microsoft.IdentityModel, which is correctly referenced by the MVC app:
<packages>
<package id="Microsoft.IdentityModel" version="6.1.7600.16394" targetFramework="net45" />
</packages>
我还看到了 这个问题在social.msdn上,这似乎表明确实需要运行STS对话框.
I've also seen this question on social.msdn, which just seems to suggest that the STS dialog does need to be run.
谁能解释为什么 FederatedAuthentication.WSFederationAuthenticationModule 会为 null,我能做些什么来阻止这种情况发生?
Can anybody explain why FederatedAuthentication.WSFederationAuthenticationModule would be null, and what I can do to stop this happening?
推荐答案
我自己设法解决了这个问题,并且由于在 SO 上有一些与此类似的未解决问题,我将把问题搁置起来并发布我自己的答案.
I managed to fix this myself, and since there are a few unanswered questions similar to this on SO, I'll leave the question up and post my own answer.
问题与将 MVC 应用程序升级到 .NET 4.5 有关.WIF 的大部分功能保持不变(至少在表面上),但这些类都已移至不同的程序集.我按照此处的迁移指南解决了我的问题:http://msdn.microsoft.com/en-us/library/jj157089.aspx
The issue is to do with upgrading the MVC application to .NET 4.5. Much of the WIF functionality remains the same (at least on the surface), but the classes have all moved to different assemblies. I fixed my problem following the migration guidelines here: http://msdn.microsoft.com/en-us/library/jj157089.aspx
最重要的是删除对 Microsoft.IdentityModel 包 (v 3.5.0) 的旧引用,并确保它们被替换为对 System.IdentityModel 和 System.IdentityModel.Services dll,应该是 4.0 版,并且来自 GAC 而不是外部包.
The most important thing is to remove old references to the Microsoft.IdentityModel package (v 3.5.0) and make sure they are replaced by similar references to the System.IdentityModel and System.IdentityModel.Services dlls, which should be version 4.0, and come from the GAC rather than an external package.
我的修复步骤是:
- 清除我添加到 Web.Config 的所有垃圾,然后使用默认的 MVC 配置文件重新开始.
- 删除
Microsoft.IdentityModel包并取消引用 dll - 在 VS 2012 中运行访问和身份向导
- 从
System.IdentityModel.Services.WSFederationAuthenticationModule引用到< httpModules> - 添加
- 编译、测试、跳舞的喜悦……
- Clean out all the junk I'd added to Web.Config and start again with a default MVC Config file.
- Remove the
Microsoft.IdentityModelpackage and de-reference the dll - Run the Access and Identity wizard in VS 2012
- Duplicate the
System.IdentityModel.Services.WSFederationAuthenticationModulereference from<system.webServer><modules>in<system.web><httpModules> - Add
<authentication mode="Forms"><forms loginUrl="~/Account/LogOn" /></authentication> - Compile, test, dance little jig of delight...
这得到了原始的 WIF3.5/MVC3 代码示例 在 .NET 4.5 下工作
And this got the original WIF3.5 / MVC3 Code Sample working under.NET 4.5
这篇关于为什么 FederatedAuthentication.WSFederationAuthenticationModule 在 MVC Azure ACS 联合身份验证中为 null?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
