Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Is it possible to get ACS claims without editing web.config?

Tags:

c#

azure

claims-based-identity

wif

acs

Is it possible to set up the realm URL, claim types, etc for azure ACS without editing the web.config? Can you set up these required elements programmatically somehow?

EDIT: Specifically I want to get rid of this:

<federatedAuthentication>
    <wsFederation passiveRedirectEnabled="true" issuer="https://mynamespace.accesscontrol.windows.net/v2/wsfederation" realm="http://localhost:81/" requireHttps="false" />
</federatedAuthentication>

Basically, I don't want the realm being specified in the web config, but rather in code somewhere. I've tried overriding ClaimsAuthenticationManager and commenting out the portions to the code related to FederatedAuthentication. My overridden authenticate code is hit, but it doesn't contain any claims. I'm assuming that this is because FederatedAuthentication is an intermediary which performs its own authentication before it gets to the overridden ClaimsAuthenticationManager normally. Is there a way to override the FederatedAuthentication portion in a similar manner? Or is there information passed into the overridden authenticate method that I can use to perform my own authentication?

like image 771
Seth Micalizzi Avatar asked Feb 27 '12 22:02

Seth Micalizzi

1 Answers

To remove that xml line from the web config, I made my own WSFederationAuthenticationModule overriding the old one, like so:

public class CustomWSFederationAuthenticationModule : WSFederationAuthenticationModule
{
    protected override void InitializePropertiesFromConfiguration(string serviceName)
    {
        this.Realm = "http://localhost:81/";
        this.Issuer = "https://acsnamespace.accesscontrol.windows.net/v2/wsfederation";
        this.RequireHttps = false;
        this.PassiveRedirectEnabled = true;
    }
}

And the important part of the web.config:

<modules runAllManagedModulesForAllRequests="true">
  <add name="WSFederationAuthenticationModule" type="CustomModuleLocation.CustomWSFederationAuthenticationModule, CustomModuleLocation" preCondition="managedHandler"/>
  <add name="SessionAuthenticationModule" type="Microsoft.IdentityModel.Web.SessionAuthenticationModule, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" preCondition="managedHandler" />
</modules>

Also the federatedAuthentication section of the XML is removed entirely.

like image 59
Seth Micalizzi Avatar answered Nov 15 '22 15:11

Seth Micalizzi
Sign in to Comment

Related questions

Database already exist. Choose a Different Name using CreateDatabase()
Every array of enum implements IEnumerable<EveryOtherEnum>. How do I work around this?
How can I restart IIS from C# code running as a user who is an administrator?
IoC with value type and object type dependencies
Exception when adding Dictionary entry
Task cancellation best practices
How to check programmatically if windows is up-to-date?
Connecting to PowerPivot with C#
View Exception.Data in Watch Window while debugging
How can I use "Linq to Objects" to put a set of contiguous dates in one group?
Stop Autofac module registering already-registered components
unit / integration testing and restoring databases
LINQ - Different syntax style, different result?
Can I modify a Win7 environment to allow a .Net program to always run as Administrator?
FindWindow with partially known title
Querying data using Entity Framework from dynamically created table
How to pick a random element from an array that matches a certain criteria in O(1)
How does ISet have two Add(T item) methods that vary only by return type?
How to trigger plugin in MS Dynamic CRM on N:N relationships?
How to Split String with Containing Parentheses into multi-dimensional array

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!