Дмитрий

Reputation: 21

Can't authorize using WS-Federation and ASP.NET

I have a problem with WS-Federation auth. Here are my settings:

builder.Services.AddAuthentication(sharedOptions =>
{
    sharedOptions.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
    sharedOptions.DefaultSignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
    sharedOptions.DefaultChallengeScheme = WsFederationDefaults.AuthenticationScheme;
})
.AddWsFederation(options =>
{
    options.Wtrealm = "https://dev-archive-console-admin.eisnot.ru/";
    options.MetadataAddress = "https://my-adfs.ru/FederationMetadata/2007-06/FederationMetadata.xml";
})
.AddCookie();

builder.Services.AddAuthorization(options =>
{
    options.AddPolicy("Publisher", policy =>
        policy.RequireClaim(ClaimTypes.Role, "dev_eis_archive_admin_publisher")
    );
});

[Authorize(Policy = "Publisher")]
public class QueueController : Controller
{
    // ... (controller body not shown in the post)
}

So, I see the ADFS login page, and after I try to log in I see an ADFS error page. I've got the logs, and there is:

Error : MSIS7042: The same client browser session has made '6' requests in the last '1' seconds

After this I added a response and request logger, and now I see this: [image]

So, as I see it, there is no claim, but I get a token in my request body from ADFS, and for this reason I have a redirect authorization loop. Any ideas how to fix it?

Upvotes: 0

Views: 37
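
One way to test the "there is no claim" observation above, as an added example that is not the poster's code: log on the application side which claim types the validated ADFS token carries and whether the value the Publisher policy requires is among them. It assumes an ASP.NET Core web project with implicit usings and the Microsoft.AspNetCore.Authentication.WsFederation package; the logger category "WsFedDiag" and the /queue endpoint are hypothetical names.

```csharp
// Added diagnostic example (not from the original post).
using System.Security.Claims;
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Authentication.WsFederation;

const string RequiredRole = "dev_eis_archive_admin_publisher"; // value from the question's policy

var builder = WebApplication.CreateBuilder(args);

builder.Services.AddAuthentication(o =>
{
    o.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
    o.DefaultChallengeScheme = WsFederationDefaults.AuthenticationScheme;
})
.AddWsFederation(options =>
{
    options.Wtrealm = "https://dev-archive-console-admin.eisnot.ru/"; // from the question
    options.MetadataAddress = "https://my-adfs.ru/FederationMetadata/2007-06/FederationMetadata.xml";
    options.Events = new WsFederationEvents
    {
        // Fires once the token has passed validation, before the cookie sign-in.
        OnSecurityTokenValidated = ctx =>
        {
            var log = ctx.HttpContext.RequestServices
                .GetRequiredService<ILoggerFactory>().CreateLogger("WsFedDiag"); // assumed name
            var principal = ctx.Principal ?? new ClaimsPrincipal();
            // Log claim types only; claim values may contain personal data.
            foreach (var type in principal.Claims.Select(c => c.Type).Distinct())
                log.LogInformation("Token carries claim type {Type}", type);
            log.LogInformation("Policy claim {Type}={Value} present: {Present}",
                ClaimTypes.Role, RequiredRole, principal.HasClaim(ClaimTypes.Role, RequiredRole));
            return Task.CompletedTask;
        },
        // Fires when the sign-in response cannot be processed.
        OnRemoteFailure = ctx =>
        {
            ctx.HttpContext.RequestServices.GetRequiredService<ILoggerFactory>()
                .CreateLogger("WsFedDiag").LogError(ctx.Failure, "WS-Federation sign-in failed");
            return Task.CompletedTask;
        }
    };
})
.AddCookie();
builder.Services.AddAuthorization(o =>
    o.AddPolicy("Publisher", p => p.RequireClaim(ClaimTypes.Role, RequiredRole)));

var app = builder.Build();
app.UseAuthentication();
app.UseAuthorization();
app.MapGet("/queue", () => "ok").RequireAuthorization("Publisher"); // hypothetical endpoint
app.Run();
```

If the log shows the role value under a different claim type than `ClaimTypes.Role`, the policy and the token disagree on the type; if neither event fires, the sign-in response is not reaching the handler.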

Answers (0)
