[英]Read cookies from ADFS Single Sign On
Good morning, 早上好,
On my test-site I implemented SSO (SAML2.0 from ComponentSpace) which works great, but the next level - live situation- is giving me a headache… 在我的测试网站上,我实现了SSO(来自ComponentSpace的SAML2.0),效果很好,但是下一个级别 - 现场情况 - 让我头疼...
My customer is using ADFS for authentication and when a user accesses my site (in the cloud) for the first time, my site generates a nice SAML-request which is answered with a SAML-response from ADFS. 我的客户正在使用ADFS进行身份验证,当用户第一次访问我的站点(在云端)时,我的站点会生成一个很好的SAML请求,并通过ADFS的SAML响应来回答。 The user is logged-in.
用户已登录。 All well so far.
到目前为止一切顺利。
But, when the users accesses my site for the second time ADFS does not response anymore to my SAML-request. 但是,当用户第二次访问我的网站时,ADFS不再响应我的SAML请求。 After digging into this situation it seems that ADFS saves the first time several cookies on the client webbrowser (under its own domain-name) and when ADFS detects those 4 cookies the second time it does not respond to my SAML-request.
在深入了解这种情况之后,ADFS似乎第一次在客户端webbrowser上保存了几个cookie(在其自己的域名下),并且当ADFS第二次在没有响应我的SAML请求时检测到这4个cookie时。
I searched several sites and found a good document about this behaviour on https://msdn.microsoft.com/nl-nl/en%C2%ADus/library/bb897402 . 我搜索了几个站点,并在https://msdn.microsoft.com/nl-nl/en%C2%ADus/library/bb897402上找到了一个关于此行为的好文档。 The solution in this article is based on AzMan, but we use the latest Windows server 2012R2 which AzMan is deprecated.
本文中的解决方案基于AzMan,但我们使用不推荐使用AzMan的最新Windows服务器2012R2。
So how do I deal with this situation? 那么我该如何处理这种情况呢?
Any help is appreciated! 任何帮助表示赞赏!
Thanks, 谢谢,
best regards, Arno 最好的问候,阿诺
I'd similar issue while authenticating users with ADFS 3.0 from a C# MVC web application. 从C#MVC Web应用程序使用ADFS 3.0对用户进行身份验证时,我遇到了类似的问题。 The reason was that while cookies are still active (not-expired) they cannot be overwritten so to fix this issue I created a new CookieManager instead of using the default one.
原因是虽然cookie仍处于活动状态(未过期),但它们无法被覆盖,因此为了解决此问题,我创建了一个新的CookieManager而不是使用默认的CookieManager。 Below is the line of code that worked for me.
下面是适合我的代码行。
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
CookieManager = new SystemWebCookieManager()
});
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.