堆栈内存溢出
  简体   繁体   English

本地WebApi不重定向到身份验证

[英]On-Premises WebApi not redirecting to authentication

 原文  2015-06-30 10:37:48       c#/ asp.net/ asp.net-web-api/ adfs

问题描述

For some reason OWIN is not redirecting to the login page especified in ADFS, i dont have any control over ADFS(Windows Server 2012), i followed the Microsoft Documentation( http://www.asp.net/visual-studio/overview/2013/creating-web-projects-in-visual-studio#orgauthonprem ) but im now stuck. 由于某些原因,OWIN无法重定向到ADFS中指定的登录页面,我对ADFS没有任何控制权(Windows Server 2012),我遵循了Microsoft文档( http://www.asp.net/visual-studio/overview/ 2013 / creating-web-projects-in-visual-studio#orgauthonprem ),但我现在停滞了。 I thought that by refering the metadata everything would be configured out of the box. 我认为,通过引用元数据,所有内容都可以直接配置。

My Controller(template generated from WebApi) 我的控制器(从WebApi生成的模板) 

[Authorize]
public class ValuesController : ApiController
{
    // GET api/values
    public IEnumerable<string> Get()
    {
        return new string[] { "value1", "value2" };
    }

    // GET api/values/5
    public string Get(int id)
    {
        return "value";
    }

    // POST api/values
    public void Post([FromBody]string value)
    {
    }

    // PUT api/values/5
    public void Put(int id, [FromBody]string value)
    {
    }

    // DELETE api/values/5
    public void Delete(int id)
    {
    }
}

However i get 但是我明白了 

This XML file does not appear to have any style information associated with it. The document tree is shown below.
<Error>
<Message>Authorization has been denied for this request.</Message>
</Error>

Am i supposed to implement some kind of based authentication? 我应该实施某种基于身份的身份验证吗?

UPDATE! UPDATE!
It seems it was necessary Microsoft.Owin.Security.WsFederation 看来有必要使用Microsoft.Owin.Security.WsFederation
However now adfs doesnt redirect to my realm, i get a 302 from ADFS after the user was authenticated.. Something like 但是,现在adfs不会重定向到我的境界,用户通过身份验证后,我会从ADFS收到302。 

/adfs/ls/?wtrealm=http%3a%2f%2flocalhost%3a554&wctx=WsFedOwinState%3d9C7kwsHRjBM86yrii5niUWF1gW9VFvCKBTj_D3z4-QQ5P25opteVK0mWf0fudEQdsgIexkHxTxhKDqBmfSWNAuJ3togHTBE40CEKYa8JLKJOxsgxNGIreYBOzNYzK8NNvR26PCMCowCFoM9NGJOC8w&wa=wsignin1.0

My Startup.cs 我的Startup.cs 

public partial class Startup
{
    // For more information on configuring authentication, please visit http://go.microsoft.com/fwlink/?LinkId=301864
    public void ConfigureAuth(IAppBuilder app)
    {
        app.SetDefaultSignInAsAuthenticationType(WsFederationAuthenticationDefaults.AuthenticationType);

        app.UseWsFederationAuthentication(new WsFederationAuthenticationOptions
        {
            MetadataAddress = ConfigurationManager.AppSettings["ida:AdfsMetadataEndpoint"],
            Wtrealm = ConfigurationManager.AppSettings["ida:Audience"],
        });
        app.UseCookieAuthentication(new CookieAuthenticationOptions
        {
            AuthenticationType = WsFederationAuthenticationDefaults.AuthenticationType
        });
    }
}

How can i tell ADFS to redirect to the realm? 我如何告诉ADFS重定向到领域?

1 个解决方案

解决方案1
 1 已采纳  2015-07-02 10:49:27

事实证明,ADFS需要一个具有唯一ID的依赖方来验证用户并正确重定向到该领域。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 缺少 .NET Core 本地 Active Directory 身份验证 - .NET Core On-Premises Active Directory Authentication is Missing Azure function 连接到本地 sql 访问被拒绝 - Azure function connect to on-premises sql access denied 使用 Azure Function 更新本地 AD 用户配置文件 - Update On-premises AD user profile using Azure Function Azure Cloud Service主机本地应用程序服务器 - Azure Cloud Service host on-premises application server 用于本地 Web 应用的 Azure Application Insight 遥测 - Azure Application Insight Telemetry for On-Premises web app 如何将WCF服务层从Azure迁移到本地 - How to move a WCF service layer from Azure to on-premises SQL Azure与内部部署超时问题 - EF - SQL Azure vs. On-Premises Timeout Issue - EF ASP.NET 5 / MVC 6内部部署Active Directory - ASP.NET 5 / MVC 6 On-Premises Active Directory Azure 应用服务连接到本地 REST API - Azure App Service to connect to on-premises REST API WebApi 2身份验证 - WebApi 2 Authentication
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM