Hello All,

I am working with the functionality to integrate ADFS login page with my application.

Flow

User will try to visit page. Here system will try to authenticate user.

System will redirect user to ADFS login page.

User will enter login information. If user is authenticated then user will be redirected back to the application with authorized token information.

I am having difficulty reading the token information when the page is redirected back.

What I have tried:

I am able to redirect the page to the ADFS login page and can also redirect back to my system if the user is authenticated, using the URL format below:

https://adfs-domain-name/adfs/ls

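Please find below the code snippet which I am using to read the token information after the page comes back.

// Requires: using System.Linq; using System.Security.Claims; using System.Threading;
// Read the principal that the federation module should have attached to the current thread.
ClaimsPrincipal claimsPrincipal = Thread.CurrentPrincipal as ClaimsPrincipal;
bool IsAuthenticated = claimsPrincipal.Identity.IsAuthenticated;
int ClaimCount = claimsPrincipal.Claims.Count();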


Here I am getting IsAuthenticated as false and ClaimCount as 0.

Is there anything incorrect in my code or in the way I connect to the ADFS login page?

Can anyone help me to fix this?

Please let me know if you have any concern or query or if I am missing something.
Posted
Updated 9-Aug-17 1:30am
Comments
Graeme_Grant 22-Jul-17 7:08am    
Have you done any research on the web? I see there are a lot of examples and guides that can answer this beginner's question for you:

asp.net Token based authentication using ADFS - Google Search
Advay Pandya 22-Jul-17 7:22am    
Hi Graeme,

Yes, my project partner and I have been researching this for the last 2 days.
We found a few articles saying that an object of the "ClaimsPrincipal" class will work for our scenario. After many Google searches I finally posted here.
Atlapure Ambrish 22-Jul-17 7:29am    
Here's an article; it is not for ASP.NET but it explains the steps.

http://blog.scottlogic.com/2015/03/09/OAUTH2-Authentication-with-ADFS-3.0.html

1 solution

I have done some configuration in the config file, and now the system is going to fetch the claims information.


<system.identityModel>  
    <identityConfiguration>  
        <audienceUris>  
            <add value="http://localhost:28503/" />  
        </audienceUris>  
        <issuerNameRegistry type="System.IdentityModel.Tokens.ConfigurationBasedIssuerNameRegistry, System.IdentityModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">  
            <trustedIssuers>  
                <add thumbprint="1234567890ABCDEFGHIJKLMNOPQRSTUVWXYZ1234" name="YourSTSName" />  
            </trustedIssuers>   
        </issuerNameRegistry>  
        <certificateValidation certificateValidationMode="None" />  
    </identityConfiguration>  
</system.identityModel>  
<system.identityModel.services>  
    <federationConfiguration>  
        <cookieHandler requireSsl="false" />  
        <wsFederation passiveRedirectEnabled="true" issuer="http://localhost:13922/wsFederationSTS/Issue" realm="http://localhost:28503/" reply="http://localhost:28503/" requireHttps="false" />  
    </federationConfiguration>  
</system.identityModel.services>  



Here I am getting the error below:

"ID4175: The issuer of the security token was not recognized by the IssuerNameRegistry. To accept security tokens from this issuer, configure the IssuerNameRegistry to return a valid name for this issuer."

All the articles suggest checking the certificate information (thumbprint and subject name).

I have double-checked the subject name and thumbprint of the certificate, so they are correct.

Can anyone help me to fix the same?

I believe that after fixing the error I will be able to get the claims information.

Please advise.
 
 
Comments
Richard Deeming 9-Aug-17 11:00am    
If you want to update your question, click the green "Improve question" link at the bottom of your question.

DO NOT post the update as a "solution"!
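
The thread compares the configured thumbprint with the certificate by eye. The check below does the same comparison mechanically, as an added example that is not part of the original thread: it flags characters in a trustedIssuers thumbprint that are not hex digits (spaces or invisible characters picked up when pasting), compares the remaining digits with the SHA-1 of the signing certificate, and reports the three relaxed settings that appear in the posted config. The function names, the stand-in certificate bytes and the sample config are constructed for illustration.

```python
import hashlib
import xml.etree.ElementTree as ET

HEX = set("0123456789abcdefABCDEF")
# Relaxed settings that appear in the posted config: (element, attribute, value).
RELAXED = [("certificateValidation", "certificateValidationMode", "none"),
           ("cookieHandler", "requireSsl", "false"),
           ("wsFederation", "requireHttps", "false")]

def cert_thumbprint(der: bytes) -> str:
    """SHA-1 over the DER certificate, upper-case hex (40 characters)."""
    return hashlib.sha1(der).hexdigest().upper()

def audit(config_xml: str, signing_cert_der: bytes) -> list:
    """Return findings for trustedIssuers thumbprints and relaxed settings."""
    root, findings = ET.fromstring(config_xml), []
    for entry in root.iter("trustedIssuers"):
        for add in entry.findall("add"):
            raw = add.get("thumbprint", "")
            stray = sorted({f"U+{ord(c):04X}" for c in raw if c not in HEX})
            digits = "".join(c for c in raw if c in HEX).upper()
            if stray:
                findings.append(f"thumbprint contains non-hex characters {stray}")
            if len(digits) != 40:
                findings.append(f"thumbprint has {len(digits)} hex digits, expected 40")
            elif digits != cert_thumbprint(signing_cert_der):
                findings.append("thumbprint differs from the signing certificate")
    for tag, attr, value in RELAXED:
        for el in root.iter(tag):
            if el.get(attr, "").lower() == value:
                findings.append(f"{tag} {attr}={el.get(attr)!r} disables a transport or certificate check")
    return findings

# Constructed sample: stand-in certificate bytes; thumbprint pasted with a hidden U+200E and spaces.
SAMPLE_DER = b"constructed stand-in for the token-signing certificate (DER)"
_pasted = "\u200e" + " ".join(f"{b:02x}" for b in hashlib.sha1(SAMPLE_DER).digest())
SAMPLE_CONFIG = f"""<configuration>
 <system.identityModel><identityConfiguration>
  <issuerNameRegistry><trustedIssuers>
   <add thumbprint="{_pasted}" name="YourSTSName" />
  </trustedIssuers></issuerNameRegistry>
  <certificateValidation certificateValidationMode="None" />
 </identityConfiguration></system.identityModel>
 <system.identityModel.services><federationConfiguration>
  <cookieHandler requireSsl="false" />
  <wsFederation passiveRedirectEnabled="true" requireHttps="false" />
 </federationConfiguration></system.identityModel.services>
</configuration>"""

print(*audit(SAMPLE_CONFIG, SAMPLE_DER), sep="\n")
```

To run it against a real deployment, pass the web.config text and the DER bytes of the token-signing certificate exported from the STS.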

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)


