My ultimate goal is to add SSO (WS-Fed) to an existent Web Forms application (let's call it OrigApp). I already have my app (SP)'s relying party trust ready.
My strategy is first to create an off-the-shelf Web Forms app (let's call it NewApp), and then I will add all appropriate code from OrigApp.
I have already created the Web Forms NewApp (.NET Framework 4.7.2) with the appropriate IdP and my app (SP) urls.
I have tested it and SSO works just fine.
Before I add the code from OrigApp, i am inspecting the code in NewApp, I noticed the following, and I have some questions (listed at the end of the things noticed):
web.config now has a whole bunch of references to assemblies (Microsoft.IdentityModel.Tokens, Microsoft.IdentityModel.Tokens.Saml, Microsoft.IdentityModel.Protocols.OpenIdConnect, Microsoft.IdentityModel.Protocols, etc) to support SSO. This makes sense.
Global.asax.cs has this on Application_Start():
void Application_Start(object sender, EventArgs e)
{
// Code that runs on application startup
RouteConfig.RegisterRoutes(RouteTable.Routes);
BundleConfig.RegisterBundles(BundleTable.Bundles);
}
- There is now a Startup.cs
public partial class Startup { public void Configuration(IAppBuilder app) { ConfigureAuth(app); } }
ConfigureAuth() is in StartupAuth.cs :
public partial class Startup { private static string realm = ConfigurationManager.AppSettings["ida:Wtrealm"]; private static string adfsMetadata = ConfigurationManager.AppSettings["ida:ADFSMetadata"];
public void ConfigureAuth(IAppBuilder app)
{
app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);
app.UseCookieAuthentication(new CookieAuthenticationOptions());
app.UseWsFederationAuthentication(
new WsFederationAuthenticationOptions
{
Wtrealm = realm,
MetadataAddress = adfsMetadata
});
// This makes any middleware defined above this line run before the Authorization rule is applied in web.config
app.UseStageMarker(PipelineStage.Authenticate);
}
}
As I said before, I have tested NewApp and SSO works. My question is, where is the SSO config being called?
As far as I know, ASP.NET will first Application_Start() in Global.asax.cs, which, as I shown above, I don't see that any code from the Startup.cs is called from Application_Start() in Global.asax.cs.
I read that with .NET 5 Startup.cs is used in a similar way than Global.asax.cs Is .Net Framework 4.7.2 considered .NET 5? or is Startup.cs being called by the .Net Framework in 4.7.2 already?
If so, does it call Application_Start() from Global.asax.cs first, and then which method in Startup.cs? Configuration?
public partial class Startup { public void Configuration(IAppBuilder app) { ConfigureAuth(app); } }
So in summary, I need to understand where exactly is the code that handles the SSO called? I also checked Default.aspx.cs and it is empty.
CodePudding user response:
Could you specify the packages name and exact verions that you have installed? From what I see, I suspect that you might have installed wrong packages that only support ASP.NET MVC (That's why Startup.cs was created).This Startup.cs is heavily related to MVC and nothing to do with Web Forms. So if the extensions that you trying to use only support registering in Startup.cs instead of Global.asax. I don't think it would work for ASP.NET Web Forms.
CodePudding user response:
Tm Son, Here is the web.config file created by VS:
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<appSettings>
<add key="ida:ADFSMetadata" value="https://xxxx/FederationMetadata/2007-06/FederationMetadata.xml" />
<add key="ida:Wtrealm" value="https://xyz/myapp/" />
</appSettings>
<location path="Account">
<system.web>
<authorization>
<allow users="*" />
</authorization>
</system.web>
</location>
<system.web>
<authorization>
<deny users="?" />
</authorization>
<compilation debug="true" targetFramework="4.7.2" />
<httpRuntime targetFramework="4.7.2" />
<pages>
<namespaces>
<add namespace="System.Web.Optimization" />
</namespaces>
<controls>
<add assembly="Microsoft.AspNet.Web.Optimization.WebForms" namespace="Microsoft.AspNet.Web.Optimization.WebForms" tagPrefix="webopt" />
</controls>
</pages>
</system.web>
<system.webServer>
<modules>
<remove name="FormsAuthentication" />
</modules>
</system.webServer>
<runtime>
<assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
<dependentAssembly>
<assemblyIdentity name="Antlr3.Runtime" publicKeyToken="eb42632606e9261f" />
<bindingRedirect oldVersion="0.0.0.0-3.5.0.2" newVersion="3.5.0.2" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="Microsoft.IdentityModel.Tokens" publicKeyToken="31bf3856ad364e35" />
<bindingRedirect oldVersion="0.0.0.0-5.5.0.0" newVersion="5.5.0.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="Microsoft.IdentityModel.Tokens.Saml" publicKeyToken="31BF3856AD364E35" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-5.5.0.0" newVersion="5.5.0.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="Microsoft.IdentityModel.Protocols.OpenIdConnect" publicKeyToken="31bf3856ad364e35" />
<bindingRedirect oldVersion="0.0.0.0-5.5.0.0" newVersion="5.5.0.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="Microsoft.IdentityModel.Protocols" publicKeyToken="31bf3856ad364e35" />
<bindingRedirect oldVersion="0.0.0.0-5.5.0.0" newVersion="5.5.0.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="Microsoft.IdentityModel.Protocols.WsFederation" publicKeyToken="31BF3856AD364E35" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-5.5.0.0" newVersion="5.5.0.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="Newtonsoft.Json" publicKeyToken="30ad4fe6b2a6aeed" />
<bindingRedirect oldVersion="0.0.0.0-12.0.0.0" newVersion="12.0.0.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="System.IdentityModel.Tokens.Jwt" publicKeyToken="31bf3856ad364e35" />
<bindingRedirect oldVersion="0.0.0.0-5.5.0.0" newVersion="5.5.0.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="WebGrease" publicKeyToken="31bf3856ad364e35" />
<bindingRedirect oldVersion="0.0.0.0-1.6.5135.21930" newVersion="1.6.5135.21930" />
</dependentAssembly>
</assemblyBinding>
</runtime>
<system.codedom>
<compilers>
<compiler language="c#;cs;csharp" extension=".cs" type="Microsoft.CodeDom.Providers.DotNetCompilerPlatform.CSharpCodeProvider, Microsoft.CodeDom.Providers.DotNetCompilerPlatform, Version=2.0.1.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" warningLevel="4" compilerOptions="/langversion:default /nowarn:1659;1699;1701" />
<compiler language="vb;vbs;visualbasic;vbscript" extension=".vb" type="Microsoft.CodeDom.Providers.DotNetCompilerPlatform.VBCodeProvider, Microsoft.CodeDom.Providers.DotNetCompilerPlatform, Version=2.0.1.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" warningLevel="4" compilerOptions="/langversion:default /nowarn:41008 /define:_MYTYPE=\"Web\" /optionInfer " />
</compilers>
</system.codedom>
</configuration>
Also, I see there is a packages.config file with these contents:
<?xml version="1.0" encoding="utf-8"?>
<packages>
<package id="Antlr" version="3.5.0.2" targetFramework="net472" />
<package id="AspNet.ScriptManager.bootstrap" version="3.4.1" targetFramework="net472" />
<package id="AspNet.ScriptManager.jQuery" version="3.4.1" targetFramework="net472" />
<package id="bootstrap" version="3.4.1" targetFramework="net472" />
<package id="jQuery" version="3.4.1" targetFramework="net472" />
<package id="Microsoft.AspNet.FriendlyUrls" version="1.0.2" targetFramework="net472" />
<package id="Microsoft.AspNet.FriendlyUrls.Core" version="1.0.2" targetFramework="net472" />
<package id="Microsoft.AspNet.ScriptManager.MSAjax" version="5.0.0" targetFramework="net472" />
<package id="Microsoft.AspNet.ScriptManager.WebForms" version="5.0.0" targetFramework="net472" />
<package id="Microsoft.AspNet.Web.Optimization" version="1.1.3" targetFramework="net472" />
<package id="Microsoft.AspNet.Web.Optimization.WebForms" version="1.1.3" targetFramework="net472" />
<package id="Microsoft.CodeDom.Providers.DotNetCompilerPlatform" version="2.0.1" targetFramework="net472" />
<package id="Microsoft.IdentityModel.JsonWebTokens" version="5.5.0" targetFramework="net472" />
<package id="Microsoft.IdentityModel.Logging" version="5.5.0" targetFramework="net472" />
<package id="Microsoft.IdentityModel.Protocol.Extensions" version="1.0.4.403061554" targetFramework="net472" />
<package id="Microsoft.IdentityModel.Protocols" version="5.5.0" targetFramework="net472" />
<package id="Microsoft.IdentityModel.Protocols.OpenIdConnect" version="5.5.0" targetFramework="net472" />
<package id="Microsoft.IdentityModel.Protocols.WsFederation" version="5.5.0" targetFramework="net472" />
<package id="Microsoft.IdentityModel.Tokens" version="5.5.0" targetFramework="net472" />
<package id="Microsoft.IdentityModel.Tokens.Saml" version="5.5.0" targetFramework="net472" />
<package id="Microsoft.IdentityModel.Xml" version="5.5.0" targetFramework="net472" />
<package id="Microsoft.Owin" version="4.0.1" targetFramework="net472" />
<package id="Microsoft.Owin.Host.SystemWeb" version="4.0.1" targetFramework="net472" />
<package id="Microsoft.Owin.Security" version="4.0.1" targetFramework="net472" />
<package id="Microsoft.Owin.Security.Cookies" version="4.0.1" targetFramework="net472" />
<package id="Microsoft.Owin.Security.WsFederation" version="4.0.1" targetFramework="net472" />
<package id="Microsoft.Web.Infrastructure" version="1.0.0.0" targetFramework="net472" />
<package id="Modernizr" version="2.8.3" targetFramework="net472" />
<package id="Newtonsoft.Json" version="12.0.2" targetFramework="net472" />
<package id="Owin" version="1.0" targetFramework="net472" />
<package id="System.IdentityModel.Tokens.Jwt" version="5.5.0" targetFramework="net472" />
<package id="WebGrease" version="1.6.0" targetFramework="net472" />
</packages>