All geek questions in one place

Why is FederatedAuthentication.WSFederationAuthenticationModule null in Azure ACS Federated Authentication MVC?

I am trying to combine FederatedAuthentication with .NET 4.5, MVC 4 and active forwarding using a custom server login page using the code in this tutorial and this sample code.

Redirecting to the LogOn method of my AccountController works fine, and the method looks like this:

public ActionResult LogOn() { HrdClient hrdClient = new HrdClient(); WSFederationAuthenticationModule fam = FederatedAuthentication.WSFederationAuthenticationModule; /*** Fails here because this is null **/ HrdRequest request = new HrdRequest(fam.Issuer, fam.Realm, context: Request.QueryString["ReturnUrl"]); IEnumerable<HrdIdentityProvider> hrdIdentityProviders = hrdClient.GetHrdResponse(request); ViewData["Providers"] = hrdIdentityProviders; return View(); }

This does not work because FederatedAuthentication.WSFederationAuthenticationModule is null.

Using VS 2012, I launched a new authentication and access wizard (which seems to replace the old STS dialog). This gave me the FederationMetadata folder, which looks correct, and a few changes in my Web.Config. In particular, the module section is as follows:

 <system.webServer> <validation validateIntegratedModeConfiguration="false" /> <modules runAllManagedModulesForAllRequests="true"> <add name="WSFederationAuthenticationModule" type="System.IdentityModel.Services.WSFederationAuthenticationModule, System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" preCondition="managedHandler" /> <add name="SessionAuthenticationModule" type="System.IdentityModel.Services.SessionAuthenticationModule, System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" preCondition="managedHandler" /> </modules>

And, seeing the answers of SO 8937123 and 8926099 , I added the following as well:

  <httpModules> <add name="WSFederationAuthenticationModule" type="Microsoft.IdentityModel.Web.WSFederationAuthenticationModule, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" /> </httpModules>

And finally, in my nuget package set, Microsoft.IdentityModel is displayed, which the MVC application correctly references:

 <packages> <package id="Microsoft.IdentityModel" version="6.1.7600.16394" targetFramework="net45" /> </packages>

I also saw this question regarding social.msdn, which seems to suggest that you need to start the STS dialog.

Can someone explain why FederatedAuthentication.WSFederationAuthenticationModule will be null, and what can I do to prevent this from happening?

+4
source share
1 answer

I managed to fix this, and since there are several unanswered questions on SO, I will leave the question and send my own answer.

The problem is related to updating the MVC application to .NET 4.5. Most WIF functionality remains unchanged (at least on the surface), but all classes are moved to different assemblies. I fixed my problem according to the migration recommendations here: http://msdn.microsoft.com/en-us/library/jj157089.aspx

The most important thing is to remove the old links to the Microsoft.IdentityModel package (v 3.5.0) and make sure that they are replaced by the same links to the System.IdentityModel and System.IdentityModel.Services dll, which must be version 4.0, and come from the GAC, not from an external package.

My steps to fix were:

  • Clean up any junk files that I added to Web.Config and run the default MVC configuration file again.
  • Remove the Microsoft.IdentityModel package and remove the dll link
  • Launch Access and Identity Wizard in VS 2012
  • Duplicate the System.IdentityModel.Services.WSFederationAuthenticationModule link from <system.webServer><modules> to <system.web><httpModules>
  • Add <authentication mode="Forms"><forms loginUrl="~/Account/LogOn" /></authentication>
  • Compile, experience, become a little jig of delight ...

And it got the original WIF3.5 / MVC3 code sample running under .NET 4.5

+12
source

Source: https://habr.com/ru/post/1391832/

More articles:


All Articles