ClaimsAuthenticationManager is not invoked

Question

I'm facing a weird issue with the WIF ClaimsAuthenticationManager. I have registered the custom implementatin of the ClaimsAuthenticationManager in the web.config file:

<identityConfiguration>
  <claimsAuthenticationManager type="<namespace>.CustomClaimsTransformer,<assembly>" />
  <claimsAuthorizationManager type="<namespace>.CustomAuthorisationManager,<assembly>" />
....

When i run the application in the IISExpress the authenticate method of the ClaimsAuthenticationManager gets invoked. However, it's not being invoked ever since i deployed the application on IIS 7.5.

Is there any configuration that needs to be done?

Answer 1

In the system.webserver part of your web.config do you have the ClaimsAuthorizationModule set,

eg

<add name="ClaimsAuthorizationModule" type="Microsoft.IdentityModel.Web.ClaimsAuthorizationModule, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />

Answer 2

For .NET 4.5 you have to add this:

<add name="ClaimsAuthorizationModule" type="System.IdentityModel.Services.ClaimsAuthorizationModule, System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" preCondition="managedHandler" />

Answer 3

ClaimsAuthenticationManager is not invoked automatically. One needs a plumbing code for that unless they are using WS-Federation.

You can do it in an PostAuthenticateRequest event handler for the HttpApplication.

A good example is located in the http://github.com/thinktecture/Thinktecture.IdentityModel.45 project. Search for ClaimsAuthenticationHttpModule.cs which invokes it.