问题描述
根据文档,两个模块都将用于创建IClaimsPrincipal的实例.我不明白为什么WIF麻烦使用2个HttpModules而不是1个?抱歉,我是WIF的新手
According to documentation, both module will used to create instance of IClaimsPrincipal. I am not understanding why WIF bother to use 2 HttpModules instead of one? Sorry, I am new in WIF
推荐答案
您不需要两个都在管道中具有 IClaimsPrincipal
.您需要后者,即 SessionAuthenticationModule
.它负责将WIF cookie转换为主体对象(类似于FormsAuthenticationModule对表单cookie所做的工作.)
You don't need both to have the IClaimsPrincipal
in the pipeline. You need the latter, the SessionAuthenticationModule
. It is responsible for converting the WIF cookie into the principal object (similar what FormsAuthenticationModule does with a form cookie).
前一个 WSFederationAuthenticationModule
仅负责从身份提供者到您的应用程序的初始SAML帖子-模块使用该帖子并发布WIF cookie.另外,您也可以使用放在登录表单上的 wif:FederatedPassiveSignIn
控件来做到这一点.
The former, WSFederationAuthenticationModule
is responsible only for the initial SAML post from the indentity provider to your application - the module consumes the post and issues the WIF cookie. Alternatively you can do it with a wif:FederatedPassiveSignIn
control placed on your login form.
当我编写启用WIF的应用程序的代码时,通常只有SAM模块,并且使用登录控件来发布cookie.
When I code WIF-enabled applications, I usually have only the SAM module and I use the login control for issuing cookies.
这篇关于WSFederationAuthenticationModule v/s SessionAuthenticationModule的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!