Stack Overflow
Stack Overflow

Questions tagged [claims-based-identity]

Application model for presenting an identity to a claims aware application. This identity contains claim elements, such as email address or username, in a secure package from a trusted source. This model separates the application from the authentication mechanism.

Resources

Wikipedia Entry - Claims-based identity

MSDN Article - Exploring Claims-Based Identity by Kieth Brown

1595 questions
0
votes
2 answers

Why isn't the user authenticated?

Startup.cs: public class Startup { public IConfiguration Configuration { get; set; } public Startup(IApplicationEnvironment env) { var builder = new ConfigurationBuilder(env.ApplicationBasePath) …
Mihai Bratulescu
  • 1,915
  • 3
  • 27
  • 43
0
votes
1 answer

Do I need to validate STS token against schema?

We are using STS token for claims based identity. I found that following method validates the token from STS and generates claims. FederatedAuthentication.ServiceConfiguration.SecurityTokenHandlers.ValidateToken(token) 1.Does this method validate…
ahmed.sowdagar
  • 39
  • 4
0
votes
1 answer

MVC Frontend Identity JWT Token from custom Authentication server

I am have been stumbling around the web for the past day trying to figure out how I can attach an MVC ASP.NET 4.5 app to an authentication server that I created using examples posted on bitoftech.net…
Jason Coley
  • 125
  • 9
0
votes
1 answer

How to force AD FS 3.0 (Windows 2012 R2) to send nbf (not before) in jwt

I am trying to receive JWT token from oauth2 endpoint of ADFS in my single page application. I succesfully received code from oauth2 endpoint. After ajax POST request i received access_token and refresh_token. But when i look to access_token i have…
milunka
  • 33
  • 5
0
votes
0 answers

Claims Based Authentication with separate auth and resource servers

I'm writing my first ASP.NET system with Claims Based Authentication (i.e. noob alert). I'm jumping straight into the deep end, with separate authentication and resource services. So my app needs first to authenticate on API "A", and on API "B" I…
Shaul Behr
  • 36,951
  • 69
  • 249
  • 387
0
votes
1 answer

Is there a recommended practice for implementing a Password Vault / Credential Cache to achieve Single Sign-On?

We're building an ASP.Net MVC portal system that use Office 365 / Azure AD for authentication. In addition to displaying info from Office 365 such as the current user's latest emails and calendar items, the portal will also include a number of…
j.strugnell
  • 407
  • 1
  • 3
  • 15
0
votes
1 answer

Azure Mobile Services - Custom Authentication Claims Issue

I've implemented custom authentication in my mobile services, but the claims that I add to my ClaimsIdentity object don't appear to be saved. I create my ClaimsIdentity object, and then pass it to the CreateLoginResult method, as follows: public…
Chris Jelly
  • 119
  • 1
  • 7
0
votes
1 answer

Get user claims in a class asp.vnext beta4

In the asp.net vnext, I am getting the user claims in the Controller using the following code: var claimsIdentity = User.Identity as ClaimsIdentity; var c = claimsIdentity.FindFirst(ClaimTypes.Name); var temp =…
Karthick
  • 816
  • 1
  • 9
  • 21
0
votes
1 answer

How to test Web.API method with RestSharp passing in ClaimsPrincipal

I'm having a bit of trouble with a specific implementation of testing out my Web.API methods using RestSharp. I have been very successful in performing POSTS and GETS in my open (non-secured) methods. However, when I have to send in a token to…
Catchops
  • 193
  • 3
  • 12
0
votes
1 answer

JWT ValidateToken overriding in C#

I have setup a token authentication process and its working quite well. I am using OWIN. I am extending 2 specific points which lets me control the signing of the JWT and also the validating of user credentials like so. Provider = new…
Martin
  • 23,844
  • 55
  • 201
  • 327
0
votes
1 answer

ADFS – tokens and claims?

First I am new to the topic ADFS. The goal is a Single-Sign-On authentication for Java-based Web-applications on Win2012R2. When a user opens the browser, he will get a token from the Security-Token-Service. With this token and included claims (?)…
swaemax
  • 1
  • 2
0
votes
1 answer

Retrieve information from Bearer Token

I have an MVC website that is calling a WebAPI in another project. The WebAPI uses OWIN and implements OAuth security. I will be using a Bearer Token to communicate between the MVC and WebAPI applications. My website requires the user to be in…
ChristyPiffat
  • 359
  • 1
  • 6
  • 26
0
votes
1 answer

Authorization Model: Context of Role?

I am currently attempting to design an Authorization Model that has the following components: Privileges - an action that can either be granted or denied to a user/group Roles - a collection of privileges; roles can be associated with a user or…
Mackers
  • 1,039
  • 8
  • 21
0
votes
0 answers

User is authorised when using IE but not Chrome/Firefox

I have an AngularJS application which needs to talk to a service. The service is not set up to receive CORS requests so I have a ASP.NET WebAPI proxy, which receives requests from the AngularJS app and then calls the service. Windows authentication…
Paul T Davies
  • 2,527
  • 2
  • 22
  • 39
0
votes
0 answers

Session TimeOut and Claims Auth

We are developing an ASP.NET MVC web application using .NET Framework 4.5 and claims-based authentication/authorization. The application uses the standard ASP.NET mechanism to save a token into a cookie to read claims between POSTs that have been…
Rubén
  • 29
  • 2
  • 6
1 2 3
99 100