public static FederationConfiguration Create(string relyingPartyUrl, string stsUrl, string domain, string certificateThumbprint, string authCookieName, bool requireSsl)
        {
            var federationConfiguration = new FederationConfiguration();
            federationConfiguration.IdentityConfiguration.AudienceRestriction.AllowedAudienceUris.Add(new Uri(relyingPartyUrl));

            var issuingAuthority = new IssuingAuthority(stsUrl);
            issuingAuthority.Thumbprints.Add(certificateThumbprint);
            issuingAuthority.Issuers.Add(stsUrl);
            var issuingAuthorities = new List<IssuingAuthority> { issuingAuthority };

            var validatingIssuerNameRegistry = new ValidatingIssuerNameRegistry { IssuingAuthorities = issuingAuthorities };
            federationConfiguration.IdentityConfiguration.IssuerNameRegistry = validatingIssuerNameRegistry;
            federationConfiguration.IdentityConfiguration.CertificateValidationMode = X509CertificateValidationMode.None;

            var chunkedCookieHandler = new ChunkedCookieHandler
                                       {
                                           RequireSsl = requireSsl,
                                           Name = authCookieName,
                                           Domain = domain,
                                           PersistentSessionLifetime = new TimeSpan(0, 0, 30, 0)
                                       };
            federationConfiguration.CookieHandler = chunkedCookieHandler;
            var issuerOfToken = stsUrl;
            federationConfiguration.WsFederationConfiguration.Issuer = issuerOfToken;
            federationConfiguration.WsFederationConfiguration.Realm = relyingPartyUrl;
            federationConfiguration.WsFederationConfiguration.RequireHttps = requireSsl;

            return federationConfiguration;
        }
            private static void FederatedAuthentication_FederationConfigurationCreated(object sender, FederationConfigurationCreatedEventArgs e)
            {
                //from appsettings...
                const string allowedAudience = "http://audience1/user/get";
                const string rpRealm         = "http://audience1/";
                const string domain          = "";
                const bool   requireSsl      = false;
                const string issuer          = "http://sts/token/create;
        const string certThumbprint = " mythumbprint ";
        const string authCookieName = " StsAuth ";

        var federationConfiguration = new FederationConfiguration();
                                 federationConfiguration.IdentityConfiguration.AudienceRestriction.AllowedAudienceUris.Add(new Uri(allowedAudience));

        var issuingAuthority = new IssuingAuthority(internalSts);
        issuingAuthority.Thumbprints.Add(certThumbprint);
        issuingAuthority.Issuers.Add(internalSts);
        var issuingAuthorities = new List<IssuingAuthority> {issuingAuthority};

        var validatingIssuerNameRegistry = new ValidatingIssuerNameRegistry {IssuingAuthorities = issuingAuthorities};
        federationConfiguration.IdentityConfiguration.IssuerNameRegistry = validatingIssuerNameRegistry;
        federationConfiguration.IdentityConfiguration.CertificateValidationMode = X509CertificateValidationMode.None;

        var chunkedCookieHandler = new ChunkedCookieHandler {RequireSsl = false, Name = authCookieName, Domain = domain, PersistentSessionLifetime = new TimeSpan(0, 0, 30, 0)};
        federationConfiguration.CookieHandler = chunkedCookieHandler;
        federationConfiguration.WsFederationConfiguration.Issuer = issuer;
        federationConfiguration.WsFederationConfiguration.Realm = rpRealm;
        federationConfiguration.WsFederationConfiguration.RequireHttps = requireSsl;

        e.FederationConfiguration = federationConfiguration;
                  }
Ejemplo n.º 3
0
        public static FederationConfiguration LoadConfigurationSection()
        {
            var allowedAudience     = MortysMixedAuthenticationConfiguration.Settings.ClientApplicationUri;
            var rpRealm             = MortysMixedAuthenticationConfiguration.Settings.ClientApplicationUri;
            var domain              = "";
            var requireSsl          = true;
            var issuer              = MortysMixedAuthenticationConfiguration.Settings.SecurityTokenIssuerUri;
            var certThumbprint      = MortysMixedAuthenticationConfiguration.Settings.TokenSigningSertificateThumbprint;
            var issuingAuthorityUri = MortysMixedAuthenticationConfiguration.Settings.TokenIssuingAuthorityUri;
            var authCookieName      = "FocusFederatedAuth";

            var federationConfiguration = new FederationConfiguration();

            federationConfiguration.IdentityConfiguration.AudienceRestriction.AllowedAudienceUris.Add(new Uri(allowedAudience));

            var issuingAuthority = new IssuingAuthority(issuingAuthorityUri);

            issuingAuthority.Thumbprints.Add(certThumbprint);
            issuingAuthority.Issuers.Add(issuingAuthorityUri);

            var validatingIssuerNameRegistry = new ValidatingIssuerNameRegistry
            {
                IssuingAuthorities = new List <IssuingAuthority> {
                    issuingAuthority
                }
            };

            federationConfiguration.IdentityConfiguration.IssuerNameRegistry        = validatingIssuerNameRegistry;
            federationConfiguration.IdentityConfiguration.CertificateValidationMode = X509CertificateValidationMode.None;

            var chunkedCookieHandler = new ChunkedCookieHandler {
                RequireSsl = false, Name = authCookieName, Domain = domain, PersistentSessionLifetime = new TimeSpan(0, 0, 30, 0)
            };

            federationConfiguration.CookieHandler = chunkedCookieHandler;

            federationConfiguration.WsFederationConfiguration.Issuer                 = issuer;
            federationConfiguration.WsFederationConfiguration.Realm                  = rpRealm;
            federationConfiguration.WsFederationConfiguration.RequireHttps           = requireSsl;
            federationConfiguration.WsFederationConfiguration.PassiveRedirectEnabled = true;

            return(federationConfiguration);
        }
Ejemplo n.º 4
0
        public static FederationConfiguration Create(string relyingPartyUrl, string stsUrl, string domain, string certificateThumbprint, string authCookieName, bool requireSsl)
        {
            var federationConfiguration = new FederationConfiguration();

            federationConfiguration.IdentityConfiguration.AudienceRestriction.AllowedAudienceUris.Add(new Uri(relyingPartyUrl));

            var issuingAuthority = new IssuingAuthority(stsUrl);

            issuingAuthority.Thumbprints.Add(certificateThumbprint);
            issuingAuthority.Issuers.Add(stsUrl);
            var issuingAuthorities = new List <IssuingAuthority> {
                issuingAuthority
            };

            var validatingIssuerNameRegistry = new ValidatingIssuerNameRegistry {
                IssuingAuthorities = issuingAuthorities
            };

            federationConfiguration.IdentityConfiguration.IssuerNameRegistry        = validatingIssuerNameRegistry;
            federationConfiguration.IdentityConfiguration.CertificateValidationMode = X509CertificateValidationMode.None;

            var chunkedCookieHandler = new ChunkedCookieHandler
            {
                RequireSsl = requireSsl,
                Name       = authCookieName,
                Domain     = domain,
                PersistentSessionLifetime = new TimeSpan(0, 0, 30, 0)
            };

            federationConfiguration.CookieHandler = chunkedCookieHandler;
            var issuerOfToken = stsUrl;

            federationConfiguration.WsFederationConfiguration.Issuer       = issuerOfToken;
            federationConfiguration.WsFederationConfiguration.Realm        = relyingPartyUrl;
            federationConfiguration.WsFederationConfiguration.RequireHttps = requireSsl;

            return(federationConfiguration);
        }
Ejemplo n.º 5
0
 private static void InitializeHandler(bool enforceSSL)
 {
     if (_handler == null)
         lock (locker)
         {
             if (_handler == null)
             {
                 _handler = new ChunkedCookieHandler();
                 _handler.RequireSsl = enforceSSL;
             }
         }
 }
Ejemplo n.º 6
0
        private void ReadProcessCookie(SessionAuthenticationModule sam)
        {
            ChunkedCookieHandler cookieHandler = new ChunkedCookieHandler();
            Byte[] cookie = cookieHandler.Read(Context);
            if (null == cookie)
            {
                present = false;
                return;
            }

            SessionSecurityToken token = sam.ReadSessionTokenFromCookie(cookie);

            context.InnerText = token.Context;
            isPersistent.InnerText = token.IsPersistent.ToString();
            isSessionMode.InnerText = token.IsSessionMode.ToString();
            id.InnerText = token.Id;
            validFrom.InnerText = token.ValidFrom.ToString();
            validTo.InnerText = token.ValidTo.ToString();
        }