SAML Idp创建花费太多时间

时间:2018-11-14 10:19:57

标签: c# saml-2.0 adfs kentor-authservices sustainsys-saml2

我在代码中使用“ Kentor.AuthServices.dll ”和“ Kentor.AuthServices.Mvc.dll” ,以允许通过ADFS服务器及其进行单点登录运行正常,但问题是显示adfs登录屏幕大约需要1分钟以上。

我已经调试了代码并记录了时间,发现所有代码都可以正常工作,但是身份提供者创建代码要花费超过1分钟的时间。

我不明白为什么要花太多时间。

我将我的代码放在下面,有人可以帮忙吗?

提前谢谢。

try
    {
    CommonUtility.LogMessage("Start at:" + DateTime.Now);
    string adfsUrl = System.Configuration.ConfigurationManager.AppSettings["ADServer"] ?? "";
    if(string.IsNullOrEmpty(adfsUrl))
    {
    CommonUtility.LogMessage("no adfs server found in config");
    return RedirectToAction("Login", "Account", string.Empty);
    }

        string requestUrlScheme = System.Configuration.ConfigurationManager.AppSettings["ADInstance"] ?? "https";
        string federationUrl = System.Configuration.ConfigurationManager.AppSettings["ADFSMetaData"] ?? "";

        CommonUtility.LogMessage("metdaDataUrl=" + federationUrl);

        string trustUrl = string.Format("{0}/adfs/services/trust", adfsUrl);

        CommonUtility.LogMessage("trustURL=" + trustUrl);

        var idps = Kentor.AuthServices.Mvc.AuthServicesController.Options.IdentityProviders.KnownIdentityProviders;
        foreach (var idpItem in idps)
        {
            CommonUtility.LogMessage("existing ENtity ID=" + idpItem.EntityId.Id);
            if (idpItem.EntityId.Id.Equals(trustUrl))
            {
                Kentor.AuthServices.Mvc.AuthServicesController.Options.IdentityProviders.Remove(idpItem.EntityId);
                CommonUtility.LogMessage("removed existing entity at:" + DateTime.Now);
            }
        }

        var spOptions = CreateSPOptions(requestUrlScheme);

        CommonUtility.LogMessage("SP option created at:" + DateTime.Now);

        Kentor.AuthServices.IdentityProvider idp = null;


        **idp = new Kentor.AuthServices.IdentityProvider(new EntityId(trustUrl), spOptions)
        {
            AllowUnsolicitedAuthnResponse = true,
            LoadMetadata = true,
            MetadataLocation = federationUrl,

        };**
        CommonUtility.LogMessage("idp added at:" + DateTime.Now);
        if (Kentor.AuthServices.Mvc.AuthServicesController.Options.SPOptions.EntityId == null)
            Kentor.AuthServices.Mvc.AuthServicesController.Options.SPOptions.EntityId = new EntityId(string.Concat(string.Format("{0}://{1}{2}", requestUrlScheme, Request.Url.Authority, Url.Content("~")), "AuthServices"));
        else
            Kentor.AuthServices.Mvc.AuthServicesController.Options.SPOptions.EntityId.Id =
                      string.Concat(string.Format("{0}://{1}{2}", requestUrlScheme, Request.Url.Authority, Url.Content("~")), "AuthServices");


        CommonUtility.LogMessage("AuthServicesURL=" + string.Concat(string.Format("{0}://{1}{2}", requestUrlScheme, Request.Url.Authority, Url.Content("~")), "AuthServices"));

        Kentor.AuthServices.Mvc.AuthServicesController.Options.SPOptions.ReturnUrl =
            new Uri(string.Concat(string.Format("{0}://{1}{2}", requestUrlScheme, Request.Url.Authority, Url.Content("~")), "SAMLAuthentication/SAMLResponse"));

        CommonUtility.LogMessage("SAMLResponseURL=" + string.Concat(string.Format("{0}://{1}{2}", requestUrlScheme, Request.Url.Authority, Url.Content("~")), "SAMLAuthentication/SAMLResponse"));


        Kentor.AuthServices.Mvc.AuthServicesController.Options.IdentityProviders.Add(idp);
        CommonUtility.LogMessage("redirect times:" + DateTime.Now);
        return RedirectToAction("SignIn", "AuthServices", new { idp = trustUrl });

    }
    catch (Exception ex)
    {
        CommonUtility.LogException(ex);
        throw ex;

    }

1 个答案:

答案 0 :(得分:0)

使用“ LoadMetadata”时,IdentityProvider对象将在构造时从远程地址加载元数据。如果我没记错的话,这是同步完成的,以便能够将错误报告为异常。下载元数据是否需要时间(或设置超时)?

相关问题
最新问题