/// <summary>
/// Builds a WS-Federation <see cref="FederationConfiguration"/> in code for a relying party
/// that accepts tokens from a single security token service (STS).
/// </summary>
/// <param name="relyingPartyUrl">Relying-party URL; registered as the only allowed audience URI and used as the realm.</param>
/// <param name="stsUrl">STS URL; used as the issuing-authority name, the accepted issuer name and the passive sign-in issuer.</param>
/// <param name="domain">Domain assigned to the session cookie.</param>
/// <param name="certificateThumbprint">Thumbprint of the token-signing certificate registered for the STS.</param>
/// <param name="authCookieName">Name of the session cookie.</param>
/// <param name="requireSsl">Applied to both the cookie handler's RequireSsl and the WS-Federation RequireHttps setting.</param>
/// <returns>The populated configuration.</returns>
public static FederationConfiguration Create(string relyingPartyUrl, string stsUrl, string domain, string certificateThumbprint, string authCookieName, bool requireSsl)
{
    var config = new FederationConfiguration();
    var identity = config.IdentityConfiguration;

    // Only tokens addressed to this relying party are accepted.
    identity.AudienceRestriction.AllowedAudienceUris.Add(new Uri(relyingPartyUrl));

    // Pin the STS: one issuing authority, one signing-certificate thumbprint, one issuer name.
    var trustedSts = new IssuingAuthority(stsUrl);
    trustedSts.Thumbprints.Add(certificateThumbprint);
    trustedSts.Issuers.Add(stsUrl);

    var registry = new ValidatingIssuerNameRegistry();
    registry.IssuingAuthorities = new List<IssuingAuthority> { trustedSts };
    identity.IssuerNameRegistry = registry;

    // With validation mode None the signing certificate gets no chain-trust validation,
    // which leaves the thumbprint registered above as the trust anchor for token signatures.
    identity.CertificateValidationMode = X509CertificateValidationMode.None;

    // Session cookie settings; persistent sessions last 30 minutes.
    var sessionCookie = new ChunkedCookieHandler();
    sessionCookie.RequireSsl = requireSsl;
    sessionCookie.Name = authCookieName;
    sessionCookie.Domain = domain;
    sessionCookie.PersistentSessionLifetime = TimeSpan.FromMinutes(30);
    config.CookieHandler = sessionCookie;

    var wsFederation = config.WsFederationConfiguration;
    wsFederation.Issuer = stsUrl;
    wsFederation.Realm = relyingPartyUrl;
    wsFederation.RequireHttps = requireSsl;

    return config;
}
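/// <summary>
/// Handler for the FederationConfigurationCreated event: builds a federation configuration
/// in code and assigns it to <c>e.FederationConfiguration</c>.
/// </summary>
/// <param name="sender">Event source; not used.</param>
/// <param name="e">Event data whose FederationConfiguration is replaced.</param>
private static void FederatedAuthentication_FederationConfigurationCreated(object sender, FederationConfigurationCreatedEventArgs e)
{
    // Sample values standing in for settings that would come from appsettings.
    // They use plain http and requireSsl = false, so the sign-in exchange and the
    // session cookie are not protected in transit with these values.
    const string allowedAudience = "http://audience1/user/get";
    const string rpRealm = "http://audience1/";
    const string domain = "";
    const bool requireSsl = false;
    // The closing quote of this literal was missing, which made the constants below unparsable.
    const string issuer = "http://sts/token/create";
    const string certThumbprint = "mythumbprint";
    const string authCookieName = "StsAuth";

    var federationConfiguration = new FederationConfiguration();
    federationConfiguration.IdentityConfiguration.AudienceRestriction.AllowedAudienceUris.Add(new Uri(allowedAudience));

    // NOTE(review): internalSts is not declared in this method; presumably a member of the
    // enclosing class that names the STS - confirm it is the issuer name the STS puts in its tokens.
    var issuingAuthority = new IssuingAuthority(internalSts);
    issuingAuthority.Thumbprints.Add(certThumbprint);
    issuingAuthority.Issuers.Add(internalSts);

    var validatingIssuerNameRegistry = new ValidatingIssuerNameRegistry
    {
        IssuingAuthorities = new List<IssuingAuthority> { issuingAuthority }
    };
    federationConfiguration.IdentityConfiguration.IssuerNameRegistry = validatingIssuerNameRegistry;

    // With validation mode None the signing certificate gets no chain-trust validation,
    // which leaves the thumbprint registered above as the trust anchor for token signatures.
    federationConfiguration.IdentityConfiguration.CertificateValidationMode = X509CertificateValidationMode.None;

    // The cookie follows the same requireSsl switch as the WS-Federation setting below,
    // so the two cannot drift apart when the value is changed.
    var chunkedCookieHandler = new ChunkedCookieHandler
    {
        RequireSsl = requireSsl,
        Name = authCookieName,
        Domain = domain,
        PersistentSessionLifetime = new TimeSpan(0, 0, 30, 0)
    };
    federationConfiguration.CookieHandler = chunkedCookieHandler;

    federationConfiguration.WsFederationConfiguration.Issuer = issuer;
    federationConfiguration.WsFederationConfiguration.Realm = rpRealm;
    federationConfiguration.WsFederationConfiguration.RequireHttps = requireSsl;

    e.FederationConfiguration = federationConfiguration;
}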
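/// <summary>
/// Builds a <see cref="FederationConfiguration"/> from the values exposed by
/// <c>MortysMixedAuthenticationConfiguration.Settings</c>, with passive redirect enabled.
/// </summary>
/// <returns>The populated configuration.</returns>
public static FederationConfiguration LoadConfigurationSection()
{
    // The client application URI serves as both the allowed audience and the realm.
    var allowedAudience = MortysMixedAuthenticationConfiguration.Settings.ClientApplicationUri;
    var rpRealm = MortysMixedAuthenticationConfiguration.Settings.ClientApplicationUri;
    var domain = "";
    var requireSsl = true;
    var issuer = MortysMixedAuthenticationConfiguration.Settings.SecurityTokenIssuerUri;
    var certThumbprint = MortysMixedAuthenticationConfiguration.Settings.TokenSigningSertificateThumbprint;
    var issuingAuthorityUri = MortysMixedAuthenticationConfiguration.Settings.TokenIssuingAuthorityUri;
    var authCookieName = "FocusFederatedAuth";

    var federationConfiguration = new FederationConfiguration();
    federationConfiguration.IdentityConfiguration.AudienceRestriction.AllowedAudienceUris.Add(new Uri(allowedAudience));

    // Pin the issuing authority to one signing-certificate thumbprint and one issuer name.
    var issuingAuthority = new IssuingAuthority(issuingAuthorityUri);
    issuingAuthority.Thumbprints.Add(certThumbprint);
    issuingAuthority.Issuers.Add(issuingAuthorityUri);

    var validatingIssuerNameRegistry = new ValidatingIssuerNameRegistry
    {
        IssuingAuthorities = new List<IssuingAuthority> { issuingAuthority }
    };
    federationConfiguration.IdentityConfiguration.IssuerNameRegistry = validatingIssuerNameRegistry;

    // With validation mode None the signing certificate gets no chain-trust validation,
    // which leaves the thumbprint registered above as the trust anchor for token signatures.
    federationConfiguration.IdentityConfiguration.CertificateValidationMode = X509CertificateValidationMode.None;

    // The cookie handler previously hard-coded RequireSsl = false while requireSsl was true,
    // so the session cookie could be sent over plain HTTP even though HTTPS was required for
    // the WS-Federation exchange. It now follows the same switch; the application has to be
    // served over HTTPS for the browser to return the cookie.
    var chunkedCookieHandler = new ChunkedCookieHandler
    {
        RequireSsl = requireSsl,
        Name = authCookieName,
        Domain = domain,
        PersistentSessionLifetime = new TimeSpan(0, 0, 30, 0)
    };
    federationConfiguration.CookieHandler = chunkedCookieHandler;

    federationConfiguration.WsFederationConfiguration.Issuer = issuer;
    federationConfiguration.WsFederationConfiguration.Realm = rpRealm;
    federationConfiguration.WsFederationConfiguration.RequireHttps = requireSsl;
    federationConfiguration.WsFederationConfiguration.PassiveRedirectEnabled = true;

    return federationConfiguration;
}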
/// <summary>
/// Creates a code-only WS-Federation configuration that trusts one STS, identified by its URL
/// and by the thumbprint of its token-signing certificate.
/// </summary>
/// <param name="relyingPartyUrl">URL of the relying party; becomes the allowed audience URI and the realm.</param>
/// <param name="stsUrl">URL of the STS; becomes the issuing-authority name, the accepted issuer and the sign-in issuer.</param>
/// <param name="domain">Cookie domain for the session cookie.</param>
/// <param name="certificateThumbprint">Thumbprint registered for the STS signing certificate.</param>
/// <param name="authCookieName">Session cookie name.</param>
/// <param name="requireSsl">Value copied to the cookie handler's RequireSsl and to WsFederationConfiguration.RequireHttps.</param>
/// <returns>The configured <see cref="FederationConfiguration"/>.</returns>
public static FederationConfiguration Create(string relyingPartyUrl, string stsUrl, string domain, string certificateThumbprint, string authCookieName, bool requireSsl)
{
    var result = new FederationConfiguration();

    // Audience restriction: tokens must be addressed to the relying party.
    var audience = new Uri(relyingPartyUrl);
    result.IdentityConfiguration.AudienceRestriction.AllowedAudienceUris.Add(audience);

    // Issuer pinning: thumbprint first, then issuer name, for the single trusted STS.
    var sts = new IssuingAuthority(stsUrl)
    {
        Thumbprints = { certificateThumbprint },
        Issuers = { stsUrl }
    };
    result.IdentityConfiguration.IssuerNameRegistry = new ValidatingIssuerNameRegistry
    {
        IssuingAuthorities = new List<IssuingAuthority> { sts }
    };

    // No X.509 chain-trust validation is configured here, so acceptance of a signing
    // certificate depends on the thumbprint registered for the STS above.
    result.IdentityConfiguration.CertificateValidationMode = X509CertificateValidationMode.None;

    // Session cookie: 30-minute persistent lifetime; RequireSsl follows the caller's switch.
    result.CookieHandler = new ChunkedCookieHandler
    {
        RequireSsl = requireSsl,
        Name = authCookieName,
        Domain = domain,
        PersistentSessionLifetime = new TimeSpan(0, 30, 0)
    };

    // Passive sign-in settings.
    result.WsFederationConfiguration.Issuer = stsUrl;
    result.WsFederationConfiguration.Realm = relyingPartyUrl;
    result.WsFederationConfiguration.RequireHttps = requireSsl;

    return result;
}
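/// <summary>
/// Creates the shared <c>_handler</c> cookie handler the first time it is needed.
/// </summary>
/// <param name="enforceSSL">
/// Value for the handler's RequireSsl. Only the call that creates the handler applies it;
/// later calls return without changing the existing handler.
/// </param>
private static void InitializeHandler(bool enforceSSL)
{
    // Unlocked fast path once the handler exists.
    if (_handler != null)
    {
        return;
    }

    lock (locker)
    {
        if (_handler == null)
        {
            // Configure the handler before storing it in the shared field. Assigning the field
            // first and setting RequireSsl afterwards let a thread on the unlocked fast path
            // pick up a handler whose RequireSsl had not been applied yet.
            var handler = new ChunkedCookieHandler { RequireSsl = enforceSSL };
            _handler = handler;
        }
    }
}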
/// <summary>
/// Reads the session cookie through a default <c>ChunkedCookieHandler</c> and copies the
/// fields of the decoded session token into the page's display controls.
/// </summary>
/// <param name="sam">Session authentication module used to turn the cookie bytes into a session token.</param>
private void ReadProcessCookie(SessionAuthenticationModule sam)
{
    // NOTE(review): the handler is default-constructed, so it presumably reads the default
    // cookie name - confirm that matches the name the sign-in handler writes.
    byte[] rawCookie = new ChunkedCookieHandler().Read(Context);
    if (rawCookie == null)
    {
        // No session cookie on this request; record that and leave the controls untouched.
        present = false;
        return;
    }

    SessionSecurityToken sessionToken = sam.ReadSessionTokenFromCookie(rawCookie);

    // NOTE(review): this renders session-token details into the page; it looks like a
    // diagnostic view - confirm who can reach it.
    context.InnerText = sessionToken.Context;
    isPersistent.InnerText = sessionToken.IsPersistent.ToString();
    isSessionMode.InnerText = sessionToken.IsSessionMode.ToString();
    id.InnerText = sessionToken.Id;
    validFrom.InnerText = sessionToken.ValidFrom.ToString();
    validTo.InnerText = sessionToken.ValidTo.ToString();
}