Do you know of a way for me to create a customer authentication in Odata services? I don't want to use the default ASP.NET membership model and NetworkCredential.
I have already referred section : authentication-part-6-custom-basic-authentication.aspx. But i am not able to debug Httpmodule i.e Init() of Httpmodule
This depends on what version of IIS you are deploying/testing in.
I found that when using IIS version less than 7, your new HttpModule should be declared in System.web/HttpModules tag. In version 7 and higher, it should be in the System.webserver/Modules tag.
Within IIS, enable just anonymous authentication.
Related
I have one solution with two MVC projects, which use the IdentityServer4. In one project I installed the IdentityServer4 and have full access to the database. The other project is an MVC client.
When I set the [Authorize] attribute on both project all works fine, but this role attribute [Authorize(Roles = "user")] works only in project one that has the IdentityServer4, the MVC client says:
Unable to resolve service for type 'Microsoft.AspNetCore.Identity.UserManager`1[Entities.Application.ApplicationUser]' while attempting to activate 'IdMWeb.Controllers.AccountController' (this is the project one with the IdentityServer4 installed).
My questions are, why project one does not complain when I do not set the role attribute in project 2.
Also, how can project 2 get the role from the database?
please see bottom link for asp .net core apps:
Share authentication cookies path
simple answer:
please add bottom code in startup.cs ConfigureServices method of two or more ASP.NET Core projects :(be cureful the path "C:\sampleDirectoryInServer" exists in your server)
services.AddDataProtection()
.PersistKeysToFileSystem(new DirectoryInfo(#"C:\sampleDirectoryInServer"))
.SetApplicationName("SharedCookieApp");
services.ConfigureApplicationCookie(options => {
options.Cookie.Name = ".AspNet.SharedCookie";
});
it's work for me(2 asp.net core app with same database and different ports)
Based on the error message your posted, It may be that you did not define a client on the server side for this particular client. A IdentityServer instance will only accept requests from clients that it already knows about. You have to define the acceptable clients for it when you configure the middleware.
I've followed the steps on http://www.cloudidentity.com/blog/2014/02/12/use-the-on-premises-organizational-authentication-option-adfs-with-asp-net-in-visual-studio-2013/ to create a new MVC application using ADFS to authenticate my users. Now the team behind the ADFS configuration needs the application metadata file to allow the application to connect the ADFS.
How can I generate this metadata file?
It normally "lives" at /FederationMetadata/2007-06/FederationMetadata.xml in your STS website. If you used a standard solution like thinktecture then that is the case. Otherwise, you can generate it yourself using the .Net classes in System.IdentityModel.Metadata. You can find some inspiration at https://github.com/IdentityServer/IdentityServer3.WsFederation/blob/25a2101f9bfe78e4ec856eb15c9bf19a9a9b256c/source/WsFederationPlugin/WsFederationController.cs and related classes.
I have just installed Visual Studio 2013, created an MVC Web Application project and noticed a new file in the project template called Startup.cs.
What is this, how is this different from Global.asax.cs and are there any good best practices on what to use this for?
Every OWIN application has a startup class where you specify components for the application pipeline.
If you start a new Visual Studio project, you'll see pieces of OWIN in it.
OWIN is a specification that defines an API for framework and servers to cooperation.
The point of OWIN is to decouple server and application.
For example, ASP.NET Identity uses OWIN security, SignalR self hosting uses OWIN hosting, and etc., the examples all use OWIN,
therefore they all need to have a startup class, that is defined in "Startup.cs" file.
The Global.asax, the ASP.NET application file, is an optional file that contains code for responding
to application-level events raised by ASP.NET or by HttpModules.
For more details:
OWIN
http://www.asp.net/aspnet/overview/owin-and-katana
Global.asax
http://msdn.microsoft.com/en-us/library/1xaas8a2(v=vs.71).aspx
You can find more ideas about why OWIN in the following article:
http://www.asp.net/aspnet/overview/owin-and-katana/an-overview-of-project-katana
The file seems to be related to SignalR. Quoting the VS 2013 release notes:
Built on OWIN
SignalR 2.0 is built completely on OWIN (the Open Web Interface for
.NET). This change makes the setup process for SignalR much more
consistent between web-hosted and self-hosted SignalR applications,
but has also required a number of API changes.
MapHubs and MapConnection are now MapSignalR
For compatibility with OWIN standards, these methods have been renamed
to MapSignalR. MapSignalR called without parameters will map all hubs
(as MapHubs does in version 1.x); to map individual
PersistentConnection objects, specify the connection type as the type
parameter, and the URL extension for the connection as the first
argument.
The MapSignalR method is called in an Owin startup class. Visual
Studio 2013 contains a new template for an Owin startup class; to use
this template, do the following:
Right-click on the project
Select Add, New Item...
Select Owin Startup class. Name the new class Startup.cs.
In a Web application, the Owin startup class containing the MapSignalR
method is then added to Owin's startup process using an entry in the
application settings node of the Web.Config file, as shown below.
In a Self-hosted application, the Startup class is passed as the type
parameter of the WebApp.Start method.
The Startup class is the convention that Katana/OWIN looks for to initialize the pipeline. When your app starts, the code inside of the Configuration function is run to set up the components that'll be used. In the MVC 5 templates, it's used to wire up the authentication middleware which is all built on top of OWIN.
If you want to use dependency injection with OWIN, check out this project on GitHub: DotNetDoodle.Owin.Dependencies
I am migrating my project to MVC 5 and I've just installed Visual Studio 2013 RC. As far as I can see there must be a file named IdentityConfig.cs in the App_Start directory, but even if I create a new project, that file is missing. I am thinking that maybe it could be about version of Visual Studio that I am using. Is there anyway to solve this problem?
Also, I can't add Roles or Membership Providers to web.config. How can I do this with IdentityConfig?
IdentityConfig.cs is no longer required and was removed in the RC version. This is discussed in the article "Introducing ASP.NET Identity". Here is the relevant snippet from this article.
Following are the notable changes from 1.0.0-alpha1 – 1.0.0-beta1
In these templates you no longer need IdentityConfig.cs
Lots of public APIs were changed for renames and refactoring of code.
Transactions support was added to the framework.
What you should find in App_Start is a Startup.Auth.cs file configuring the authentication / authorization middleware for the site.
ASP.NET MVC 5 doesn't use the role providers and membership providers that have been around since ASP.NET 2.0. You could still configure those into a web site, but then you'd probably want to get rid of the middleware.
By middleware, I mean most of the authz features are moving into OWIN middleware for ASP.NET. The StartupAuth.cs file and the AccountController in a new MVC 5 project show you a bit how everything can work together, although it is not well documented.
Is it possible to add a wildcard application map in IIS6 from the wix installer package? I know how to add application extensions however can't see any way to add wildcards.
This is needed for ASP.Net MVC to function properly.
Found the answer. You use the WebApplicationExtension (found in WixIisExtension), without specifying an Extension attribute. Here's the wildcard mapping for ASP.NET 2.0:
<iis:WebApplicationExtension CheckPath="no"
Script="yes"
Executable="[FRAMEWORKROOT]v2.0.50727\aspnet_isapi.dll"
Verbs="GET,HEAD,POST"/>