C# 没有索赔信息通过
正在使用ADFS asp.net 4.5应用程序。据我所知,我的ADF正在工作,我被重定向到我的授权页面,正确登录,并在用户名或密码错误时相应地提示。但是,一旦我进入,我需要获得登录的用户名。我在这里举了一个例子: 但我没有收到任何索赔。下面我将发布我的代码和web.config。不知道从这里到哪里去。谢谢C# 没有索赔信息通过,c#,asp.net,iis,adfs,C#,Asp.net,Iis,Adfs,正在使用ADFS asp.net 4.5应用程序。据我所知,我的ADF正在工作,我被重定向到我的授权页面,正确登录,并在用户名或密码错误时相应地提示。但是,一旦我进入,我需要获得登录的用户名。我在这里举了一个例子: 但我没有收到任何索赔。下面我将发布我的代码和web.config。不知道从这里到哪里去。谢谢 <?xml version="1.0"?> <!-- For more information on how to configure your ASP.NET appli
<?xml version="1.0"?>
<!--
For more information on how to configure your ASP.NET application, please visit
http://go.microsoft.com/fwlink/?LinkId=169433
<configuration>
<configSections>
<section name="microsoft.identityModel" type="Microsoft.IdentityModel.Configuration.MicrosoftIdentityModelSection, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35"/>
</configSections>
<connectionStrings>
<add name="PersonnelConnectionString2" connectionString="Data Source=EXPSQL;Initial Catalog=Personnel;User Id=xxxxxxx;Password=xxxxxxxx;" providerName="System.Data.SqlClient"/>
</connectionStrings>
<location path="FederationMetadata">
<system.web>
<authorization>
<allow users="*"/>
</authorization>
</system.web>
</location>
<!--
For a description of web.config changes see http://go.microsoft.com/fwlink/? LinkId=235367.
The following attributes can be set on the <httpRuntime> tag.
<system.Web>
<httpRuntime targetFramework="4.5" />
</system.Web>
-->
<system.web>
<authorization>
<deny users="?"/>
</authorization>
<authentication mode="None"/>
<compilation debug="true" targetFramework="4.5">
<assemblies>
<add assembly="Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
</assemblies>
</compilation>
<pages validateRequest="false" controlRenderingCompatibilityVersion="4.0"/>
<httpRuntime requestValidationMode="2.0"/>
<customErrors mode="Off"/>
<httpModules>
<add name="WSFederationAuthenticationModule" type="Microsoft.IdentityModel.Web.WSFederationAuthenticationModule, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35"/>
<add name="SessionAuthenticationModule" type="Microsoft.IdentityModel.Web.SessionAuthenticationModule, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35"/>
</httpModules>
</system.web>
<appSettings>
<add key="FederationMetadataLocation" value="https://timeoff.expresslocations.com/FederationMetadata/2007-06/FederationMetadata.xml"/>
</appSettings>
<system.webServer>
<validation validateIntegratedModeConfiguration="false"/>
<modules>
<add name="WSFederationAuthenticationModule" type="Microsoft.IdentityModel.Web.WSFederationAuthenticationModule, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" preCondition="managedHandler"/>
<add name="SessionAuthenticationModule" type="Microsoft.IdentityModel.Web.SessionAuthenticationModule, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" preCondition="managedHandler"/>
</modules>
</system.webServer>
<microsoft.identityModel>
<service>
<audienceUris>
<add value="https://timeoff.expresslocations.com/"/>
</audienceUris>
<federatedAuthentication>
<wsFederation passiveRedirectEnabled="true" issuer="https://devauth.expresslocations.com/adfs/ls/" realm="https://timeoff.expresslocations.com" requireHttps="true"/>
<cookieHandler requireSsl="true"/>
</federatedAuthentication>
<applicationService>
<claimTypeRequired>
<!--Following are the claims offered by STS 'http://devauth.expresslocations.com/adfs/services/trust'. Add or uncomment claims that you require by your application and then update the federation metadata of this application.-->
<claimType type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" optional="true"/>
<claimType type="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" optional="true"/>
<claimType type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" optional="true"/>
<!--<claimType type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" optional="true" />-->
<claimType type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" optional="true"/>
<!--<claimType type="http://schemas.xmlsoap.org/claims/CommonName" optional="true" />-->
<!--<claimType type="http://schemas.xmlsoap.org/claims/EmailAddress" optional="true" />-->
<!--<claimType type="http://schemas.xmlsoap.org/claims/Group" optional="true" />-->
<claimType type="http://schemas.xmlsoap.org/claims/UPN" optional="true"/>
<!--<claimType type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" optional="true" />-->
<!--<claimType type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" optional="true" />-->
<!--<claimType type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" optional="true" />-->
<!--<claimType type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/01/devicecontext/claims/isregistereduser" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/01/devicecontext/claims/identifier" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/01/devicecontext/claims/registrationid" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/01/devicecontext/claims/displayname" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/01/devicecontext/claims/ostype" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/01/devicecontext/claims/osversion" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/01/devicecontext/claims/ismanaged" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-application" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-user-agent" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-ip" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-endpoint-absolute-path" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/01/requestcontext/claims/relyingpartytrustid" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/12/certificatecontext/extension/applicationpolicy" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/12/certificatecontext/extension/authoritykeyidentifier" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/12/certificatecontext/extension/basicconstraints" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/12/certificatecontext/extension/eku" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuer" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuername" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/12/certificatecontext/extension/keyusage" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/12/certificatecontext/field/notafter" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/12/certificatecontext/field/notbefore" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatepolicy" optional="true" />-->
<!--<claimType type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/rsa" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/12/certificatecontext/field/rawdata" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/12/certificatecontext/extension/san" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/ws/2008/06/identity/claims/serialnumber" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/12/certificatecontext/field/signaturealgorithm" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/12/certificatecontext/field/subject" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/12/certificatecontext/extension/subjectkeyidentifier" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/12/certificatecontext/field/subjectname" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplateinformation" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplatename" optional="true" />-->
<!--<claimType type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/thumbprint" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/12/certificatecontext/field/x509version" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/ws/2012/01/insidecorporatenetwork" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/ws/2012/01/passwordexpirationtime" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/ws/2012/01/passwordexpirationdays" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/ws/2012/01/passwordchangeurl" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/claims/authnmethodsreferences" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/01/requestcontext/claims/client-request-id" optional="true" />-->
</claimTypeRequired>
</applicationService>
<issuerNameRegistry type="Microsoft.IdentityModel.Tokens.ConfigurationBasedIssuerNameRegistry, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35">
<trustedIssuers>
<add thumbprint="A689CD7FDEAB8C0178A8CAC44830D9EE577F6814" name="http://devauth.expresslocations.com/adfs/services/trust"/>
</trustedIssuers>
</issuerNameRegistry>
</service>
</microsoft.identityModel>
</configuration>
你在什么情况下使用校长?可能是您在ASP.Net请求管道的错误部分获取身份验证数据。在BeginRequest或AuthenticateRequest事件中?我将该代码作为页面加载事件中的第一个代码,如教程中所示。我应该试着把它放在别的地方吗?这就是你的建议,还是我完全没有抓住要点。页面加载应该没问题。第二个代码段缺少它所在的方法。我的问题更多的是关于它在哪里。如果我将您的代码放在Global.asax中的BeginRequest方法中,它肯定不会起作用。Page_Load在管道的执行处理程序步骤上,身份验证后的几个步骤。我明白了,你知道为什么我的代码没有引入任何声明吗?
ClaimsPrincipal cp = Thread.CurrentPrincipal as ClaimsPrincipal;
if (cp != null)
{
foreach (Claim claim in cp.Claims)
{
output.InnerText = claim.Type.ToString();
}
}
else
{
output.InnerText = "Blank";
}