[英]Question on Federated Authentication using Windows Identity Foundation
I am developing an Asp.Net MVC website using Windows Identity Foundation and STS website for authentication. 我正在使用Windows Identity Foundation和STS网站进行身份验证来开发Asp.Net MVC网站。 it works fine as whenever a user tries to access a URL, it redirects to STS website if that session is not authenticated. 当用户尝试访问URL时,它可以正常工作,如果该会话未通过身份验证,它将重定向到STS网站。
Now I want to add a page in the application which should be available without authenticating into the site. 现在,我想在应用程序中添加一个页面,该页面应该无需身份验证即可使用。 But I am unable to do that. 但是我做不到。 I tried giving the following in web.config. 我尝试在web.config中提供以下内容。 Still it gets redirected to the STS website. 仍然将其重定向到STS网站。 Here i want to allow anonymous access to "Public" controller and all its actions. 在这里,我想允许匿名访问“公共”控制器及其所有操作。
<location path="Public">
<system.web>
<authorization>
<allow users="*" />
</authorization>
</system.web>
It will be great if somebody can guide me with the solution. 如果有人可以指导我提供解决方案,那就太好了。
Thanks 谢谢
Take a look at this sample app . 看看这个示例应用程序 。 We ended up disabling the automatic redirect and controlling that ourselves. 我们最终禁用了自动重定向并自己控制了它。
NOTE: I realize I'm about a year late with this answer, but I wanted to document it for future reference. 注意:我知道这个答案要迟到一年了,但是我想记录下来以备将来参考。
The asterisk (*) in the users attribute refers to all authenticated users. users属性中的星号(*)表示所有经过身份验证的用户。 To allow anonymous or unauthenticated users, a question mark (?) should be used as shown below. 要允许匿名或未经身份验证的用户,应使用问号(?),如下所示。
<location path="Public">
<system.web>
<authorization>
<allow users="?" />
</authorization>
</system.web>
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.