个人中心
文章发布
退出
作者热门文章
- html - 出于某种原因,IE8 对我的 Sass 文件中继承的 html5 CSS 不友好?
- JMeter 在响应断言中使用 span 标签的问题
- html - 在 :hover and :active? 上具有不同效果的 CSS 动画
- html - 相对于居中的 html 内容固定的 CSS 重复背景?
25
4
AM 尝试根据组织请求实现多重身份验证。我在startup.auth.cs 中有类似下面的内容
foreach (OrganizationModel org in orgList)
{
if (org.AuthenticationType != "Azure")
{
var adfs = new WsFederationAuthenticationOptions
{
AuthenticationType = org.AuthenticationType,
Caption = org.Caption,
BackchannelCertificateValidator = null,
MetadataAddress = org.MetadataUrl,
Wtrealm = org.Realm,
Notifications = new WsFederationAuthenticationNotifications
{
AuthenticationFailed = context =>
{
context.HandleResponse();
context.Response.Redirect("Home/Error?message=" + context.Exception.Message);
return Task.FromResult(0);
}
},
TokenValidationParameters = new TokenValidationParameters { ValidateIssuer = false },
};
app.UseWsFederationAuthentication(adfs);
}
else
{
var azure = new WsFederationAuthenticationOptions
{
AuthenticationType = org.AuthenticationType,
Caption = org.Caption,
BackchannelCertificateValidator = null,
MetadataAddress = org.MetadataUrl,
Wtrealm = org.Realm,
Notifications = new WsFederationAuthenticationNotifications
{
AuthenticationFailed = context =>
{
context.HandleResponse();
context.Response.Redirect("Home/Error?message=" + context.Exception.Message);
return Task.FromResult(0);
}
},
TokenValidationParameters = new TokenValidationParameters { ValidateIssuer = false },
};
app.UseWsFederationAuthentication(azure);
}
}
我填充了用于登录的各种身份验证提供程序。当我单击 ADFS 时,我能够进行身份验证、获取声明,一切正常。但是当我尝试针对 Azure AD 进行身份验证时,出现错误“ID 4037”,无法解析验证签名所需的 key 。注意:如果我尝试单独执行 Azure AD(评论 ADFS 部分),它可以正常工作。 Orglist 从数据库中填充,它包含元数据 url、领域等信息。出于开发目的,我已配置 https://localhost:44303作为两者的领域。
我登录后的回调方法是
[AllowAnonymous]
public async Task<ActionResult> ExternalLoginCallback(string returnUrl)
{
var loginInfo = await AuthenticationManager.GetExternalLoginInfoAsync();
if (loginInfo == null)
{
return RedirectToAction("Login");
}
// Sign in the user with this external login provider if the user already has a login
var result = await SignInManager.ExternalSignInAsync(loginInfo, isPersistent: false);
switch (result)
{
case SignInStatus.Success:
return RedirectToLocal(returnUrl);
case SignInStatus.LockedOut:
return View("Lockout");
case SignInStatus.RequiresVerification:
return RedirectToAction("SendCode", new { ReturnUrl = returnUrl, RememberMe = false });
case SignInStatus.Failure:
default:
// If the user does not have an account, then prompt the user to create an account
ViewBag.ReturnUrl = returnUrl;
ViewBag.LoginProvider = loginInfo.Login.LoginProvider;
return View("ExternalLoginConfirmation", new ExternalLoginConfirmationViewModel { Email = loginInfo.DefaultUserName});
}
}
指导我哪里出了问题
最佳答案
我知道问题出在哪里了。当我们有多个身份验证提供程序时,添加到 OWIN 中间件管道的每个身份验证选项的身份验证类型应该是唯一的。对于尝试实现类似解决方案的人,下面给出了对我有用的代码。
foreach (OrganizationModel org in orgList)
{
switch (org.AuthenticationName)
{
case "ADFS":
var adfs = new WsFederationAuthenticationOptions
{
AuthenticationType = org.AuthenticationType,
Caption = org.Caption,
BackchannelCertificateValidator = null,
MetadataAddress = org.MetadataUrl,
Wtrealm = org.Realm,
SignOutWreply = org.Realm,
Notifications = new WsFederationAuthenticationNotifications
{
AuthenticationFailed = context =>
{
context.HandleResponse();
context.Response.Redirect("Home/Error?message=" + context.Exception.Message);
return Task.FromResult(0);
}
},
TokenValidationParameters = new TokenValidationParameters { ValidateIssuer = false },
};
app.UseWsFederationAuthentication(adfs);
break;
case "Azure":
OpenIdConnectAuthenticationOptions azure = null;
azure = new OpenIdConnectAuthenticationOptions
{
AuthenticationType = org.AuthenticationType,
Caption = org.Caption,
BackchannelCertificateValidator = null,
Authority = org.MetadataUrl,
ClientId = org.ClientId,
RedirectUri = org.Realm,
PostLogoutRedirectUri=org.Realm,
Notifications = new OpenIdConnectAuthenticationNotifications
{
AuthenticationFailed = context =>
{
context.HandleResponse();
context.Response.Redirect("Home/Error?message=" + context.Exception.Message);
return Task.FromResult(0);
}
},
};
app.UseOpenIdConnectAuthentication(azure);
break;
case "Shibboleth":
break;
default:
break;
}
}
关于azure - 多个身份验证提供商拥有,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/35706262/
25
4
0
我在前几天的测验中遇到了以下问题。 Consider the code fragment (assumed to be in a program in which all variables are
关闭。这个问题需要更多focused .它目前不接受答案。 想改进这个问题吗? 更新问题,使其只关注一个问题 editing this post . 关闭 9 年前。 Improve this qu
我刚开始接触 Objective-C,一般来说是 C,所以我想这也是一个 C 问题。它更像是一个为什么的问题,而不是一个如何做的问题问题。 我注意到,在除以两个整数时,小数部分向下舍入为 0,即使结果
我是一名优秀的程序员,十分优秀!