/// <summary>
/// Starts a WS-Federation passive sign-in by redirecting the browser to the
/// issuer with a freshly built sign-in request.
/// </summary>
/// <param name="controllerContext">Context handed to <c>GenerateLandingUrl</c> to build the landing URL.</param>
/// <param name="returnUrl">URL carried inside the landing URL as the <c>returnUrl</c> value.</param>
/// <returns>A redirect to the sign-in request URL.</returns>
public override ActionResult Login(ControllerContext controllerContext, Uri returnUrl)
{
    // NOTE(review): returnUrl is passed on as received; nothing in this method
    // checks that it is local or on an allow-list. Confirm that the landing
    // endpoint validates it before redirecting, otherwise it is an
    // open-redirect vector.
    Uri landingUrl = GenerateLandingUrl(controllerContext, new { returnUrl });
    string landingAddress = landingUrl.ToString();

    // The landing URL serves as the realm and, below, as the return URL.
    WSFederationAuthenticationModule federationModule = new WSFederationAuthenticationModule();
    federationModule.Realm = landingAddress;
    federationModule.Issuer = IssuerUrl;

    // The request id is a fresh GUID that this method does not store anywhere,
    // so it cannot be matched against the response from here.
    string requestId = Guid.NewGuid().ToString();
    SignInRequestMessage request = federationModule.CreateSignInRequest(requestId, landingAddress, false);

    // The home realm parameter is added only when a home realm is configured.
    bool hasHomeRealm = !string.IsNullOrEmpty(HomeRealm);
    if (hasHomeRealm)
    {
        request.Parameters.Add(HomeRealmParameter, HomeRealm);
    }

    AddParametersToSignInMessage(request);

    string redirectTarget = request.RequestUrl;
    return new RedirectResult(redirectTarget);
}
/// <summary>
/// Page load handler: shows the caller's claims when the current principal is
/// authenticated, otherwise redirects to the federation provider STS with a
/// WS-Federation sign-in request.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event arguments (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    if (!Thread.CurrentPrincipal.Identity.IsAuthenticated)
    {
        // Unauthenticated caller: build a WS-Federation sign-in request.
        WSFederationAuthenticationModule federationModule = new WSFederationAuthenticationModule();
        federationModule.Realm = "https://localhost/PassiveRP/Default.aspx";
        federationModule.Issuer = "https://localhost/PassiveFPSTS/Default.aspx";

        // The realm is also passed as the return URL; the request id is a fresh
        // GUID that is not stored by this method.
        SignInRequestMessage request = federationModule.CreateSignInRequest(
            Guid.NewGuid().ToString(),
            federationModule.Realm,
            false);

        // "whr" is copied verbatim from the query string, so the caller controls
        // it. NOTE(review): no validation happens here; the receiving STS must
        // treat it as untrusted and match it against its known home realms.
        string requestedHomeRealm = Page.Request.QueryString["whr"];
        if (!string.IsNullOrEmpty(requestedHomeRealm))
        {
            request.Parameters.Add("whr", requestedHomeRealm);
        }

        // Redirect to the FP STS for token issuance.
        Page.Response.Redirect(request.RequestUrl);
        return;
    }

    // Direct cast: throws InvalidCastException if the identity is not an IClaimsIdentity.
    IClaimsIdentity claimsIdentity = (IClaimsIdentity)Thread.CurrentPrincipal.Identity;

    /* For illustrative purposes this sample application simply shows all the
     * parameters of claims (i.e. claim types and claim values), which are issued
     * by a security token service (STS), to its clients. In production code, the
     * security implications of echoing the properties of claims to the clients
     * should be carefully considered. For example:
     *   (i)   accept only the claim types that the relying party application expects;
     *   (ii)  sanitize the claim parameters before using them;
     *   (iii) filter out claims that contain sensitive personal information.
     * DO NOT use this sample code 'as is' in production code. */
    ShowName(claimsIdentity);
    ShowClaimsIdentityAsIIdentity(claimsIdentity);
    ShowClaimsFromClaimsIdentity(claimsIdentity);
}