WSFederationAuthenticationModule.RedirectingToIdentityProvider event is not called

I have 2 events in the Global.asax.cs file

WSFederationAuthenticationModule_SecurityTokenValidated and WSFederationAuthenticationModule_RedirectingToIdentityProvider

WSFederationAuthenticationModule_RedirectingToIdentityProvider is not called using the engine. Why?

    public class MvcApplication : System.Web.HttpApplication
    {
        void WSFederationAuthenticationModule_SecurityTokenValidated(object sender, SecurityTokenValidatedEventArgs e)
        {
            FederatedAuthentication.SessionAuthenticationModule.IsSessionMode = true;
        }

        void WSFederationAuthenticationModule_RedirectingToIdentityProvider(object sender, RedirectingToIdentityProviderEventArgs e)
        {
            //some code
        }
    }

This is the microsoft.identityModel section in web.config

    <microsoft.identityModel>
      <service saveBootstrapTokens="true">
        <audienceUris mode="Never">
        </audienceUris>
        <federatedAuthentication>
          <wsFederation passiveRedirectEnabled="true" issuer="http://localhost/dss.web.sts.tokenbaker/" realm="http://localhost/dss.web.frontend" requireHttps="false" />
          <cookieHandler requireSsl="false" />
        </federatedAuthentication>
        <issuerNameRegistry type="Microsoft.IdentityModel.Tokens.ConfigurationBasedIssuerNameRegistry, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35">
          <trustedIssuers>
            <add thumbprint="308efdee6453fff68c402e5eceee5b8bb9eaa619" name="servcert" />
          </trustedIssuers>
        </issuerNameRegistry>
      </service>
    </microsoft.identityModel>
+4
8 answers

You are missing the following lines in the web.config file:

In the configSections element:

    <section name="system.identityModel" type="System.IdentityModel.Configuration.SystemIdentityModelSection, System.IdentityModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/>
    <section name="system.identityModel.services" type="System.IdentityModel.Services.Configuration.SystemIdentityModelServicesSection, System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/>

In the system.webServer element:

    <modules>
      <remove name="FormsAuthentication" />
      <add name="WSFederationAuthenticationModule" type="System.IdentityModel.Services.WSFederationAuthenticationModule, System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" preCondition="managedHandler" />
      <add name="SessionAuthenticationModule" type="System.IdentityModel.Services.SessionAuthenticationModule, System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" preCondition="managedHandler" />
    </modules>

Your audienceUris element is empty. You must specify your web application so that it can use this function. So add this line:

    <audienceUris>
      <add value="http://localhost/dss.web.frontend"/>
    </audienceUris>

If your problems persist after this change, you can implement your own authentication module derived from WSFederationAuthenticationModule. Something like this:

    public class CustomAuthenticationModule : WSFederationAuthenticationModule
    {
        public CustomAuthenticationModule()
        {
            base.SecurityTokenReceived += CustomAuthenticationModule_SecurityTokenReceived;
        }

        public void CustomAuthenticationModule_SecurityTokenReceived(object sender, SecurityTokenReceivedEventArgs e)
        {
        }

        protected override void OnAuthenticateRequest(object sender, EventArgs args)
        {
            base.OnAuthenticateRequest(sender, args);
        }
    }

Then the only change is in the configuration: instead of WSFederationAuthenticationModule, set CustomAuthenticationModule with the appropriate namespace and assembly signature. This way you can intercept calls in your delegate.

Hope this helps you.

Rastko

+7

Add the following to your Global.asax.cs file:

    void Application_Start()
    {
        FederatedAuthentication.ServiceConfigurationCreated += OnServiceConfigurationCreated;
    }

    void OnServiceConfigurationCreated(object sender, ServiceConfigurationCreatedEventArgs e)
    {
        FederatedAuthentication.WSFederationAuthenticationModule.RedirectingToIdentityProvider += WSFederationAuthenticationModule_RedirectingToIdentityProvider;
    }

Credit fooobar.com/questions/1100048 / ...

+3

Make sure that you are referencing the WSFederationAuthenticationModule from the new System.IdentityModel.Services namespace.

In my case, I still referenced it from the old Microsoft.IdentityModel.Web namespace after porting the solution to .NET 4.5.

Found my answer here.

+2

Have you noticed that the passiveRedirectEnabled attribute is set to true for an element in your web.config?

0

It looks like you might be missing the WSFederationAuthenticationModule in your configuration. Make sure you have this in system.webServer\modules:

    <add name="WSFederationAuthenticationModule" type="Microsoft.IdentityModel.Web.WSFederationAuthenticationModule, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" preCondition="managedHandler" />

And this in system.web\httpModules:

    <add name="WSFederationAuthenticationModule" type="Microsoft.IdentityModel.Web.WSFederationAuthenticationModule, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />

Read more here.

0

You can verify that you are referencing a consistent assembly between your web.config module and the Global.asax.cs using statement. Since the type RedirectingToIdentityProviderEventArgs exists both in System.IdentityModel.Services and Microsoft.IdentityModel.Web (as in .NET 4.5), you can add a module from one assembly to web.config but refer to an event argument from another assembly in Global.asax.cs. I think this will fail.

0

My problem was that I had the following modules added for the sections system.web / httpModules and system.webServer / modules.

    <add name="WsFederationAuthenticationModule" type="System.IdentityModel.Services.WSFederationAuthenticationModule, System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" preCondition="managedHandler" />
    <add name="SessionAuthenticationModule" type="System.IdentityModel.Services.SessionAuthenticationModule, System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" preCondition="managedHandler" />

Removing items from the system.web / httpModules section resolved the issue, and all events related to the WSFederationAuthenticationModule instance were fired.

0

For people who subclass the WSFederationAuthenticationModule and therefore change the module registration name in web.config and use the automatic wiring approach (inside global.asax.cs), you will also need to change the beginning of the method name.

For example, if system.webServer\modules contains the following:

    <add name="CustomWsFedModule" type="SomeLib.CustomWSFederationAuthenticationModule" preCondition="managedHandler" />

You will need the following inside global.asax.cs:

    public class MvcApplication : System.Web.HttpApplication
    {
        void CustomWsFedModule_RedirectingToIdentityProvider(object sender, RedirectingToIdentityProviderEventArgs e)
        {
            //some code
        }
    }

0
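
The checks suggested across the answers above (module registered, registered in one module section only, module assembly matching the configuration section, handler prefix matching the module name, non-empty audienceUris), gathered into one script as an added example that is not part of the original thread. The function name, finding codes and sample inputs are constructed for illustration, and the case-insensitive name comparison is an assumption.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample: the question's WIF 3.5 config section combined with a
# .NET 4.5 module registered under a custom name in both module sections.
SAMPLE_CONFIG = """<configuration>
  <microsoft.identityModel><service>
    <audienceUris mode="Never"></audienceUris>
  </service></microsoft.identityModel>
  <system.web><httpModules>
    <add name="CustomWsFedModule" type="System.IdentityModel.Services.WSFederationAuthenticationModule, System.IdentityModel.Services" />
  </httpModules></system.web>
  <system.webServer><modules>
    <add name="CustomWsFedModule" type="System.IdentityModel.Services.WSFederationAuthenticationModule, System.IdentityModel.Services" />
  </modules></system.webServer>
</configuration>"""
SAMPLE_GLOBAL_ASAX = "void WSFederationAuthenticationModule_RedirectingToIdentityProvider(object sender, RedirectingToIdentityProviderEventArgs e) { }"

# Module assembly -> configuration section that belongs to the same WIF version.
SECTION_FOR_ASSEMBLY = {"Microsoft.IdentityModel": "microsoft.identityModel",
                        "System.IdentityModel.Services": "system.identityModel"}

def check_wif_wiring(config_xml, global_asax_source):
    """Return a sorted list of finding codes for the mismatches discussed in the thread."""
    root = ET.fromstring(config_xml)
    findings = set()
    registered = {}  # lower-cased module name -> module sections it appears in
    for path in ("system.web/httpModules", "system.webServer/modules"):
        for add in root.findall(path + "/add"):
            type_name, _, rest = add.get("type", "").partition(",")
            if not type_name.strip().endswith("WSFederationAuthenticationModule"):
                continue
            registered.setdefault(add.get("name", "").lower(), set()).add(path)
            section = SECTION_FOR_ASSEMBLY.get(rest.split(",")[0].strip())
            if section and root.find(section) is None:
                findings.add("config-section-mismatch")
    if not registered:
        findings.add("module-not-registered")
    if any(len(sections) == 2 for sections in registered.values()):
        findings.add("registered-in-both-sections")
    # Global.asax handlers are named <module name>_<event name>; names are
    # compared case-insensitively here (assumption of this sketch).
    for prefix in re.findall(r"\bvoid\s+(\w+)_RedirectingToIdentityProvider\b", global_asax_source):
        if prefix.lower() not in registered:
            findings.add("handler-prefix-mismatch")
    for uris in root.iter("audienceUris"):
        if uris.find("add") is None:
            findings.add("empty-audience-uris")
    return sorted(findings)
```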

Source: https://habr.com/ru/post/1391831/

