I have an existing ASP.NET application and I want it to act as an SAML2 SP using SustainSys SAML2. The documentation says that I should use the web.config file but it gets ignored on .NET Core.
So, how do I start?
I assume I should write a bit of code to my Startup class, but what and where? The thread linked above tells some things but I need more details. How do I set Saml2 as the default challenge protocol for authentication?
I added the code from the documentation (services.AddAuthentication().AddSaml2(...); in void ConfigureServices() and even app.UseAuthorization(); in void Configure()) and when I try to add the [Authorize] attribute to a controller, I get an exception telling me "a middleware was not found that supports authorization. Configure your application startup by adding app.UseAuthorization() inside the call to Configure(..) in the application startup code."
Use the Sustainsys.Saml2.AspNetCore2 package and add it in startup.
Web.config is not used on AspNet Core, you have to configure in startup.
Related
I need to delete a specific cookie when my app starts, before heading to home page.
I had this inside a controller action method, with a redirect to home page, setting up my startup class to use as route template this controller and action method.
However, there must be a way I can set up a method to delete this cookie, and execute it from startup?
In ASP.NET, this would be done in the methods of global.asax (often in Session_Start(...)). Read more here and here.
In ASP.NET Core, the startup.cs class is where all configurations of services are defined, as well as pipeline requests are managed.
You need to make your own custom middleware for this. Middleware is software that's assembled into an app pipeline to handle requests and responses.
There is another SO question on this topic here (with an answer):
ASP .NET Core webapi set cookie in middleware
For more in-depth cookie management look at this article:
https://www.seeleycoder.com/blog/cookie-management-asp-net-core/
More on middleware:
https://learn.microsoft.com/en-us/aspnet/core/fundamentals/middleware/write?view=aspnetcore-2.2
I am trying to insert the localization using PO file. My project is on Asp.Net core and uses Orchard core.
I am following this guide - Configure Portable Object but I have a problem with the initial registration of the localization.
I should add the following code:
services.AddMvc()
.AddViewLocalization(LanguageViewLocationExpanderFormat.Suffix);
Technically, my project should have service.AddMvc() by default, but I am using services.AddOrchardCms() instead.
When I try to call the first code to register the localization:
...
services.AddOrchardCms();
services.AddMvc()..AddViewLocalization(LanguageViewLocationExpanderFormat.Suffix);
...
I receive an error as the application "Can not find the index page" (It actually does not exist as I am using services.AddOrchardCms() and I think they have a conflict).
And, of course, if I don't insert the AddViewLocalization() the PO files don't work.
Does anyone know how can I solve this problem?
AddOrchardCms is internally calling AddMvc, by calling it again you are overwriting Orchard pipline with basic MVC pipeline. Try calling:
services
.AddOrchardCms()
.AddViewLocalization(LanguageViewLocationExpanderFormat.Suffix);
instead.
Bakground:
I want to develop a multi-tenant application in ASP.NET Core and have been looking into Ben Fosters Saaskit library which seems to provide good solutions for common problems in multitenancy applications.
Problem:
The SaasKit have a UsePerTenant method which is nice for doing different things per-request depending on current tenant.
My goal is to use the UsePerTenant method combined with different IOptions objects injected via dependency injection. This can be used in the authentication middleware like
AddAuthentication().AddCookie(..).AddOpenIdConnect(...)
Which is configured in the ConfigureServices method in Startup.cs
public class Startup
{
// Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
...
}
// Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app)
{
...
}
}
I can’t make the authentication middleware in ASP.NET 2.0+ use different IOptions objects per-request since the ConfigureServices method in the Startup.cs file only runs once every application startup and the UsePerTenant method should be used in the Configure method which is running for each incoming/outgoing request in the ASP.NET pipeline.
Question:
How to dynamically change cookie and OpenID Connect options in the ConfigureServices method based on current tenant?
I have found a good way to get per tenant options for any type of ASP.NET Core options, including cookie or openID Connect. I have wrapped this up into a framework called Finbuckle.MultiTenant.
It basically boils down to a setup that looks like this:
services.AddMultiTenant().
WithInMemoryStore()).
WithRouteStrategy().
WithPerTenantOptionsConfig<CookieAuthenticationOptions>((o, tenantContext) => o.Cookie.Name += tenantContext.Id);
See my here for more information if you are curious: https://www.finbuckle.com/MultiTenant
The following PR provides a solution for the above question.
https://github.com/saaskit/saaskit/pull/96
The PR have been merged with the "master" branch now.
It wasn't merged yet (November 2018)
I have been trying to configure my Web API 2, that uses the Startup class to configure the API (OWIN Self-Hosting), for it to support the use of the Session object.
I am aware that a REST application should be statless, but I need to use the session anyway.
I have tried this solution, but it won't work.
I have also looked at multiple blog posts and articles that suggest using a custom RouteHandler that overrides the GetHttpHandler method to use a controller that implements IRequiresSessionState (as explained here). But my startup class uses HttpRouteCollection, and my method MapHttpRoute does not support the property RouteHandler.
I have tried moving the route configuration from my Startup class to the Application_Start in a Global.asax I have added, but it is not working either (the requests are not reaching the controllers).
Any suggestion would be much appreciated!
Thank you
I created a asp.net core rc2 web application with user identity, however i'm confused how the account controller class is getting it's arguments, usermanager, signinmanager? Where are they being passed in from? I follow the call stack and I get external code, what external code is passing in these objects? Help me understand, how these 2 objects are being initialized.
In your Startup.cs you will see a call to this method
services.AddIdentity<ApplicationUser, IdentityRole>()
Afte reading the links on dependency injection suggested by #AndrésRobinet you can actually see where the services are being wired up.
This extension method lives in `IdentityServiceCollectionExtensions - You can then go and look at the source code for this method call (.NET core is on github):
line 67 of the AddIdentity method
services.TryAddScoped<SignInManager<TUser>, SignInManager<TUser>>();
what external code is passing in these objects?
Right-click on External code and click Show External Code - now you can get an idea of what is happening under the hood. the code down to and including the Kestrel webserver is also browsable/downloadable on github
image truncated