Comments (3)
Testing this with WS-Federation shows that the issue has been resolved.
from systemweb-adapters.
Thanks for reporting this, @TheJayMann. It looks like the shared auth support isn't working quite right with WS-Fed auth. /systemweb-adapters/authenticate
is the endpoint that serves authentication information from the ASP.NET app (the ASP.NET Core app will call it from its remote app auth handler) but users shouldn't be re-directed back to that URL (since, as you've discovered, it will fail with 407 for any requests not coming from the ASP.NET Core app).
For other auth scenarios (ASP.NET Identity cookie auth), there's logic in the auth handler to actually intercept redirects to /systemweb-adapters/authenticate and rewrite them. It seems that isn't working for the WS-Fed scenario, though. Probably it's because the auth process actually redirects away from the site entirely and when the STS redirects back the 'redirect back to' URL it was given is /systemweb-adapters/authenticate and the result processor that usually fixes up redirects won't apply.
I've got some ideas of how we might be able to solve this. One option would be to include the "real" re-direct URI in a query string when calling /systemweb-adapters/authenticate and then look for that when the redirect comes back. Whether that works or not would depend on whether or not query strings persist through auth and redirection. Another option would be to just allow users to configure a URL that should be used instead if an auth process tries to redirect to /systemweb-adapters/authenticate.
I'll investigate this week and report back with what I find and which options seem the most promising.
from systemweb-adapters.
It looks like OIDC cookie scenarios (like using AAD B2C from an MVC app) has a similar problem, which is nice since that's an easier scenario to repro (no need to set up an STS). It seems the common thing that doesn't work well is the flow of the ASP.NET app having to redirect to an external site for authentication and then handle a redirect when auth is complete. I'll work on getting a fix together.
from systemweb-adapters.
Related Issues (20)
- Add Missing API HttpResponse.HeadersWritten HOT 3
- Ask About HttpServerUtility.TransferRequest HOT 3
- Ask About HtmlTextWriter
- Session State is not working or Could not redirect to WebForms page. HOT 25
- Improve documentation for remote authentication with Blazor HOT 2
- Remote client SSL verification error HOT 1
- HttpCookie urlencodes cookie values HOT 5
- Remove AD0001 suppression when updating to rc2 HOT 1
- HttpContext.Current should not be read-only HOT 4
- HttpRuntime.Cache throws "System.InvalidOperationException: No runtime is currently available" in unit tests HOT 14
- HttpApplicationMiddleware is used even not setting app.UseSystemWebAdapters
- Sharing Session State Between Webforms Application and Blazor Server Application - Current Problems, Future Design Goals
- Dependency Issue: Could not load file or assembly Microsoft.Extensions.Options HOT 1
- Update time provider to RTM when available
- Don't set content-type if not content HOT 2
- HttpPostedFile missing SaveAS method ? HOT 4
- Guidance on various IdentityModel implementations, and Session sharing for Blazor HOT 1
- Sharing Session between .NET Framework application and .Net7 application is not working HOT 12
- System.Web.HttpContext.Session is null with SystemWebAdapters v1.3.0 on .Net 8 after upgrading the 1.20 version on .Net 6. HOT 4
- Exposing GetService method inside HttpContextWrapper HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from systemweb-adapters.