Project author: MohammadYounes

Project description:
Mixed (Windows + Forms) Authentication for OWIN
Language: C#
Project URL: git://github.com/MohammadYounes/OWIN-MixedAuth.git
Created: 2014-10-18T15:31:21Z
Project community: https://github.com/MohammadYounes/OWIN-MixedAuth

License: MIT License


OWIN Mixed Authentication

OWIN middleware implementation mixing Windows and Forms Authentication.

Install with NuGet

    PM> Install-Package OWIN-MixedAuth

Running the samples

Before running the samples, make sure to unlock the windowsAuthentication section:

IIS

  1. Open IIS Manager, select the server node, then Feature Delegation.
  2. Set Authentication - Windows to Read/Write

IIS Express

  1. Open applicationhost.config located at:
    • Pre VS2015: $:\Users\{username}\Documents\IISExpress\config
    • VS2015: $(SolutionDir)\.vs\config
  2. Search for the windowsAuthentication section and set its overrideModeDefault value to Allow.

    <section name="windowsAuthentication" overrideModeDefault="Allow" ></section>

Usage

  1. Add a reference to MohammadYounes.Owin.Security.MixedAuth.dll

  2. Register MixedAuth in Global.asax

    // add using statement
    using MohammadYounes.Owin.Security.MixedAuth;

    public class MyWebApplication : HttpApplication
    {
        // ctor
        public MyWebApplication()
        {
            // register MixedAuth
            this.RegisterMixedAuth();
        }
        // ...
    }

  3. Use MixedAuth in Startup.Auth.cs

    // Enable Mixed Authentication
    // As we are using LogonUserIdentity, it's required to run in PipelineStage.PostAuthenticate
    // Register this after any middleware that uses stage marker PipelineStage.Authenticate
    app.UseMixedAuth(cookieOptions);

    Important! MixedAuth is required to run in PipelineStage.PostAuthenticate. Make sure its use statement comes after any other middleware that uses PipelineStage.Authenticate. See OWIN Middleware in the IIS integrated pipeline.

  4. Enable Windows authentication in Web.config

    <!-- Enable Mixed Auth -->
    <location path="MixedAuth">
      <system.webServer>
        <security>
          <authentication>
            <windowsAuthentication enabled="true" ></windowsAuthentication>
          </authentication>
        </security>
      </system.webServer>
    </location>

    Important! Enabling Windows authentication for a sub path requires the windowsAuthentication section to be unlocked at a parent level.
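The two configuration requirements above can be checked before deployment. The following is an added example, not part of the OWIN-MixedAuth project: a Python sketch that reads the overrideModeDefault attribute from applicationhost.config (the IIS Express form shown above) and lists every Web.config scope where Windows authentication is enabled, flagging any path other than MixedAuth. The function names and the trimmed sample XML are constructed for illustration.

```python
import xml.etree.ElementTree as ET
SECTION = "windowsAuthentication"
AUTH_PATH = "system.webServer/security/authentication/" + SECTION

# Constructed sample inputs, trimmed to the elements this check reads.
APPHOST = """<configuration><configSections>
  <sectionGroup name="system.webServer"><sectionGroup name="security">
    <sectionGroup name="authentication">
      <section name="windowsAuthentication" overrideModeDefault="Allow" />
    </sectionGroup></sectionGroup></sectionGroup>
</configSections></configuration>"""
WEB_CONFIG = """<configuration>
  <location path="MixedAuth"><system.webServer><security><authentication>
    <windowsAuthentication enabled="true" />
  </authentication></security></system.webServer></location>
</configuration>"""

def section_override_mode(apphost_xml):
    """overrideModeDefault declared for windowsAuthentication, or None."""
    for sec in ET.fromstring(apphost_xml).iter("section"):
        if sec.get("name") == SECTION:
            return sec.get("overrideModeDefault")
    return None

def windows_auth_paths(web_config_xml):
    """Location paths ('' = whole site) where Windows auth is enabled."""
    root = ET.fromstring(web_config_xml)
    scopes = [("", root)] + [(l.get("path", ""), l) for l in root.findall("location")]
    enabled = []
    for path, scope in scopes:
        node = scope.find(AUTH_PATH)
        if node is not None and node.get("enabled", "").lower() == "true":
            enabled.append(path)
    return enabled

def check(apphost_xml, web_config_xml, expected="MixedAuth"):
    """Return findings; an empty list means the config matches the steps above."""
    findings = []
    mode = section_override_mode(apphost_xml)
    if mode != "Allow":
        findings.append(f"section locked: overrideModeDefault={mode!r}")
    paths = windows_auth_paths(web_config_xml)
    if expected not in paths:
        findings.append(f"Windows auth not enabled for location {expected!r}")
    findings += [f"Windows auth also enabled at path={p!r}" for p in paths if p != expected]
    return findings

if __name__ == "__main__":
    print(check(APPHOST, WEB_CONFIG) or "OK")
```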


Importing Custom Claims

Adding custom claims in OWIN-MixedAuth is straightforward: use MixedAuthProvider and place your own logic for fetching those custom claims in it.

The following example shows how to import the user's Email, Surname and GivenName from Active Directory:

    // Requires: using System.Collections.Generic;
    //           using System.Security.Claims;
    //           using System.DirectoryServices.AccountManagement;

    // Enable mixed auth
    app.UseMixedAuth(new MixedAuthOptions()
    {
        Provider = new MixedAuthProvider()
        {
            OnImportClaims = identity =>
            {
                List<Claim> claims = new List<Claim>();
                using (var principalContext = new PrincipalContext(ContextType.Domain)) // or ContextType.Machine
                {
                    using (UserPrincipal userPrincipal = UserPrincipal.FindByIdentity(principalContext, identity.Name))
                    {
                        // Only add claims when the directory lookup finds the user
                        if (userPrincipal != null)
                        {
                            claims.Add(new Claim(ClaimTypes.Email, userPrincipal.EmailAddress ?? string.Empty));
                            claims.Add(new Claim(ClaimTypes.Surname, userPrincipal.Surname ?? string.Empty));
                            claims.Add(new Claim(ClaimTypes.GivenName, userPrincipal.GivenName ?? string.Empty));
                        }
                    }
                }
                return claims;
            }
        }
    }, cookieOptions);

Please share any issues you may have.