David

Reputation: 235

Using Kentor Authservices with a custom Roleprovider

I'm updating a website with a custom membership and role provider to SAML-based authentication from a Shib IdP via Kentor AuthServices.

I've successfully replaced the membership provider (though if someone can advise how to write an unusually named claim into user.identity.name it would save me a headache later down the line) but I need to keep the custom role provider and associated role-based access.

When I log in, I can load non-anonymous user pages but trying to access a role-controlled page results in an infinite loop of trying to get authorisation from the IDP rather than from the entirely separate roles server.

Is there a way I can decouple or somehow intercept the roles authentication from Kentor so I can continue to use the existing class?

Thank you

Upvotes: 0

Views: 337

Answers (1)

Anders Abel

Reputation: 69260

AuthServices calls the standard WIF ClaimsAuthenticationManager hook, where you can adjust the claims. Use that to query your role store and add the role claims to the principal generated from the SAML assertion.

Upvotes: 1
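A sketch of the hook described in the answer above, added here as an illustration and not taken from the answer or from AuthServices itself. The class name, the use of the NameIdentifier claim as the lookup key, and the choice to discard role claims sent by the IdP are assumptions of this example.

```csharp
using System;
using System.Linq;
using System.Security.Claims;
using System.Web.Security;

// Hypothetical class; register it in web.config (assumption: AuthServices
// picks up the application's system.identityModel configuration):
//   <system.identityModel><identityConfiguration>
//     <claimsAuthenticationManager type="MyApp.RoleStoreClaimsAuthenticationManager, MyApp" />
//   </identityConfiguration></system.identityModel>
public class RoleStoreClaimsAuthenticationManager : ClaimsAuthenticationManager
{
    private readonly Func<string, string[]> _getRoles;

    // Parameterless constructor so the class can be created from configuration.
    // Assumption: the existing custom RoleProvider is still the configured
    // default provider, so Roles.GetRolesForUser(string) reaches it.
    public RoleStoreClaimsAuthenticationManager() : this(Roles.GetRolesForUser) { }

    // Overload that takes the lookup directly, e.g. for unit tests.
    public RoleStoreClaimsAuthenticationManager(Func<string, string[]> getRoles)
    {
        if (getRoles == null) throw new ArgumentNullException("getRoles");
        _getRoles = getRoles;
    }

    public override ClaimsPrincipal Authenticate(string resourceName, ClaimsPrincipal incomingPrincipal)
    {
        var identity = incomingPrincipal == null ? null : incomingPrincipal.Identity as ClaimsIdentity;
        if (identity == null || !identity.IsAuthenticated)
            return base.Authenticate(resourceName, incomingPrincipal);

        // Assumption: this claim carries the key the role store knows the user by.
        var key = identity.FindFirst(ClaimTypes.NameIdentifier);
        if (key == null || string.IsNullOrWhiteSpace(key.Value))
            return incomingPrincipal; // authenticated, but no roles granted

        // Design choice of this example: only the local role store grants roles,
        // so role claims that arrived in the SAML assertion are dropped first.
        foreach (var claim in identity.FindAll(identity.RoleClaimType).ToList())
            identity.RemoveClaim(claim);

        // Role claims of the identity's RoleClaimType are what IsInRole checks.
        foreach (var role in _getRoles(key.Value) ?? new string[0])
            identity.AddClaim(new Claim(identity.RoleClaimType, role));

        return incomingPrincipal;
    }
}
```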
