我有一个受Siteminder保护的ASP.NET MVC网站。验证后。 Siteminder注入自定义标头值并重定向到我的MVc网站。在这里,我试图解析Global.asax.cs中Application_AuthenticateRequest方法中的标题
//Logging incoming request to check header for debug purposes
protected void Application_BeginRequest(object sender, EventArgs e)
{
Elmah.ErrorSignal.FromCurrentContext().Raise(new ApplicationException("Begin Request. \n REQUEST HEADER =" + HttpContext.Current.Request.Headers.ToString() + " \n"));
}
protected void Application_AuthenticateRequest(object sender, EventArgs e)
{
if (HttpContext.Current.User == null)
{
var smcred = ParseAuthorizationHeader(HttpContext.Current.Request);
if (smcred.Username != null)
{
if (Membership.ValidateUser(smcred.Username, null))
{
FormsAuthentication.SetAuthCookie(smcred.Username, false);
var identity = new GenericIdentity(smcred.Username);
string[] roles = null;// Roles.Provider.GetRolesForUser(smcred.SMUser);
var principal = new GenericPrincipal(identity, roles);
Thread.CurrentPrincipal = principal;
if (HttpContext.Current != null)
{
HttpContext.Current.User = principal;
}
}
else
{
Context.Response.StatusCode = 401;
}
}
}
}
/// <summary>
/// Parses the Authorization header and creates user credentials
/// </summary>
/// <param name="actionContext"></param>
protected virtual SiteminderCredentials ParseAuthorizationHeader(HttpRequest request)
{
string authHeader = null;
var smcredential = new SiteminderCredentials();
var auth = request.Headers.Keys; //request.ServerVariables.Keys;
foreach (string LstrKey in auth)
{
switch (LstrKey.ToUpper())
{
case "USER":
smcredential.Username = request.Headers[LstrKey].ToString();
}
}
return smcredential;
}
SiteminderCredentials.cs
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
namespace PerceptorWeb.Models
{
public class SiteminderCredentials
{
public string Username;
public string FirstName;
public string LastName;
public string EmailAddr;
}
}
我在IIS上安装了高级日志记录,我看到自定义标头信息从Siteminder到我的IIS托管站点正常。但是,当我的authenticate_request尝试解析标头时,找不到这些自定义值。
任何帮助都将不胜感激。