ADFS单点登录不适用于会话状态模式“ UserUri”
[英]ADFS Single sign on is not working with session state mode “UserUri”
问题描述
Our asp.net website was working fine with ADFS SSO since we made a change in the session state cookie settings from "Use Cookies" to "USE URI". 
由于我们将会话状态Cookie设置从“使用Cookie”更改为“使用URI”,因此我们的asp.net网站可以与ADFS SSO正常工作。 After making this change, fam.IsSignInResponse(request) is always false in the below code so that it redirects back to the ADFS login screen recursively. 进行此更改后,fam.IsSignInResponse(request)在以下代码中始终为false,因此它将以递归方式重定向回ADFS登录屏幕。
public List<ClaimEntity> GetClaims()
{
logger.Info("Started executing GetClaims()");
List<ClaimEntity> claims = new List<ClaimEntity>();
// sam is configured in web.config
var sam = FederatedAuthentication.SessionAuthenticationModule;
logger.Info("Declaring sam");
// fam is not
var fam = new WSFederationAuthenticationModule();
logger.Info("Declaring fam");
//fam.FederationConfiguration = FederatedAuthentication.FederationConfiguration;
fam.ServiceConfiguration = FederatedAuthentication.ServiceConfiguration;
logger.Info("Assigning ServiceConfiguration to fam");
var request = thisContext.Request;
// is this the response from the STS
if (!fam.IsSignInResponse(request))
{
// no
logger.Info("fam.IsSignInResponse => No");
// the STS
fam.Issuer = _IssuerSTSSpec.Issuer;
logger.Info("IssuerUrl= " + _IssuerSTSSpec.Issuer);
// the return address
fam.Realm = thisContext.Request.Url.AbsoluteUri;
logger.Info("Assigning fam.Realm= " + thisContext.Request.Url.AbsoluteUri);
logger.Info("Creating SignInRequest...");
var req = fam.CreateSignInRequest(string.Empty, null, false);
logger.Info("Redirecting to the issuer...");
logger.Info("Request to STS: "+ req.WriteQueryString().ToString());
// go to STS
thisContext.Response.Redirect(req.WriteQueryString());
}
else
{
// yes
-----------
-----------
}
logger.Info("Returning the claims");
return claims;
}
Is "USE URI" session cookie mode is not supported with ADFS integrated application or any changes required in my code? ADFS集成应用程序是否不支持“ USE URI”会话cookie模式,或者我的代码中是否需要进行任何更改?
1 个解决方案
解决方案1
0 2018-07-12 17:27:11
It would help understand better if you add the example code of "Use URI". 如果添加示例代码“ Use URI”,将有助于更好地理解。 Is there really a need to use this method? 真的需要使用此方法吗? Using cookies will keep the URL clean and it is more manageable. 使用Cookie可以保持URL干净,并且更易于管理。 And if it is already working for you, you can go with it unless there is really need to use URI 如果已经为您工作,则可以使用它,除非确实需要使用URI。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.