我尝试做的是访问从ADFS登录返回的用户声明。 ADFS返回用户名,使用该用户名,我必须向另一个DB运行查询以获取用户信息并存储它。我真的不知道该怎么做以及最佳做法是什么。我可以在视图控制器中访问用户声明,如:
public ActionResult Index()
{
var ctx = Request.GetOwinContext();
ClaimsPrincipal user = ctx.Authentication.User;
IEnumerable<Claim> claims = user.Claims;
return View();
}
但我需要做的就是我在global.asax.cs或startup.cs中说访问声明,以便在应用程序运行之前存储用户信息。
这是我的Startup.Auth.cs文件:
public partial class Startup
{
private static string realm = ConfigurationManager.AppSettings["ida:Wtrealm"];
private static string adfsMetadata = ConfigurationManager.AppSettings["ida:ADFSMetadata"];
public void ConfigureAuth(IAppBuilder app)
{
app.SetDefaultSignInAsAuthenticationType(WsFederationAuthenticationDefaults.AuthenticationType);
app.UseCookieAuthentication(
new CookieAuthenticationOptions
{
AuthenticationType = WsFederationAuthenticationDefaults.AuthenticationType
});
app.UseWsFederationAuthentication(
new WsFederationAuthenticationOptions
{
Wtrealm = realm,
MetadataAddress = adfsMetadata
});
}
}
答案 0 :(得分:1)
我们在启动文件中为WsFederationAuthenticationOptions值添加一个事件处理程序。
在验证安全令牌后立即发生这种情况。
app.UseWsFederationAuthentication(new WsFederationAuthenticationOptions()
{
MetadataAddress = MetadataAddress,
Wtrealm = Wtrealm,
Wreply = CallbackPath,
Notifications = new WsFederationAuthenticationNotifications()
{
SecurityTokenValidated = (ctx) =>
{
ClaimsIdentity identity = ctx.AuthenticationTicket.Identity;
DoSomethingWithLoggedInUser(identity);
}
}
};