Click here to Skip to main content
15,070,802 members
Please Sign up or sign in to vote.
0.00/5 (No votes)
Hello All,

I am working with the functionality to integrate ADFS login page with my application.

Flow

User will try to visit page. Here system will try to authenticate user.

System will redirect user to ADFS login page.

User will enter login information. If user is authenticated then user will be redirected back to the application with authorized token information.

I am facing difficulties to read the token information when the page is redirected back.

What I have tried:

I am able to redirect page to ADFS login page and also can redirect back to my system if the user is authenticated using below url format:

https://adfs-domain-name/adfs/ls

Please find the below code snippet which I am using after getting back the page to read token information.

ClaimsPrincipal claimsPrincipal = Thread.CurrentPrincipal as ClaimsPrincipal;
bool IsAuthenticated = claimsPrincipal.Identity.IsAuthenticated;
int ClaimCount = claimsPrincipal.Claims.Count();


Here I am getting IsAuthenticated as false and ClaimCount as 0 result.

Is there anything incorrect in my code or way to connect ADFS login page ?

Can anyone help me to fix this ?

Please let me know if you have any concern or query or if I am missing something.
Posted
Updated 9-Aug-17 1:30am
Comments
Graeme_Grant 22-Jul-17 7:08am
   
Have you done any research on the web? I see there is a lot of examples and guides that can answer this beginners question for you:

asp.net Token based authentication using ADFS - Google Search[^]
Advay Pandya 22-Jul-17 7:22am
   
Hi Graeme,

Yes, me and my project partner are researching this since last 2 days.
We got few articles saying that object of "ClaimsPrincipal" class will work for our scenario. After implementing many google search I finally posted here.
Atlapure Ambrish 22-Jul-17 7:29am
   
Here's an article it is not for asp.net but explains the steps..

http://blog.scottlogic.com/2015/03/09/OAUTH2-Authentication-with-ADFS-3.0.html

1 solution

I have done some configurations in config file and now system is going to fetch the claims information


<system.identityModel>  
    <identityConfiguration>  
        <audienceUris>  
            <add value="http://localhost:28503/" />  
        </audienceUris>  
        <issuerNameRegistry type="System.IdentityModel.Tokens.ConfigurationBasedIssuerNameRegistry, System.IdentityModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">  
            <trustedIssuers>  
                <add thumbprint="1234567890ABCDEFGHIJKLMNOPQRSTUVWXYZ1234" name="YourSTSName" />  
            </trustedIssuers>   
        </issuerNameRegistry>  
        <certificateValidation certificateValidationMode="None" />  
    </identityConfiguration>  
</system.identityModel>  
<system.identityModel.services>  
    <federationConfiguration>  
        <cookieHandler requireSsl="false" />  
        <wsFederation passiveRedirectEnabled="true" issuer="http://localhost:13922/wsFederationSTS/Issue" realm="http://localhost:28503/" reply="http://localhost:28503/" requireHttps="false" />  
    </federationConfiguration>  
</system.identityModel.services>  



Here I am getting below error:

"ID4175: The issuer of the security token was not recognized by the IssuerNameRegistry. To accept security tokens from this issuer, configure the IssuerNameRegistry to return a valid name for this issuer."

All the articles suggest to check the certificate information (Thumbprint and subject name)

I have double check the subject name and Thumbprint of the certificate, so they are correct.

Can anyone help me to fix the same ?

I believe that after fixing the error I will be able to get the claims information.

Please advise.
   
Comments
Richard Deeming 9-Aug-17 11:00am
   
If you want to update your question, click the green "Improve question" link at the bottom of your question.

DO NOT post the update as a "solution"!

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)




CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900