Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
    Brock Allen
    @brockallen
    to help devs quickly setup a user database for testing, for example
    some people try to use it as their main user editor UI, and while nothing stops you, it’s not designed for that
    so YMMV
    Andy
    @AndySmiffy
    Yep, I know - understand. I was also going to use it in pre-prod in order to set up the initial administrators, then uninstall - my admin portal requires an initial user with an admin claim in order to log in.
    Brock Allen
    @brockallen
    yep
    you do need some sort of bootstraping
    and this would work
    direct DB access sort of trumps evertyhing else :)
    Andy
    @AndySmiffy
    Lol it does - as mentioned I've worked around it by adding the package to source control, so no biggie. Thanks :)
    Astimus
    @Astimus
    Hi, guys. I downloaded IdentityManager example from github https://github.com/IdentityManager/IdentityManager
    But after start I see error in browser: HTTP Error 403.14 - Forbidden The Web server is configured to not list the contents of this directory.
    CuongPham459
    @CuongPham459
    Hi everyone, I'm learning how to implement IdentityServer3, and I have a question: when I started running with AspNetIdentity in IdentityServer3.Samples-master source, the application was started and displayed 2 link IdentityServer Welcome Page( /core) and IdentityManager User Administration(/admin). So when I clicked on IdentityManager User Administration, I viewed the header in network (F12) which was assigned a token bearer + token. Where was this token generated from ? Many thanks
    Michael Vlaar
    @michaelvlaar
    This message was deleted
    This message was deleted
    Michael Vlaar
    @michaelvlaar

    I'm currently using IdentityManager together with MembershipReboot and IdentityServer.

    I wan't to use Active Directory to login to IdentityManager.
    The IdentityServer must use local MembershipReboot, Facebook and my Active Directory.

    I cannot get the active directory working on both (IdSrv and IdMgr) at the same time, only one at a time. How do I need to configure my startup.cs?

    My current startup.cs:

            public void Configuration(IAppBuilder app)
            {
                LogProvider.SetCurrentLogProvider(new DiagnosticsTraceLogProvider());
                Log.Logger = new LoggerConfiguration()
                   .MinimumLevel.Debug()
                   .WriteTo.Trace()
                   .CreateLogger();
    
                var connectionString = "MembershipReboot";
    
                app.UseCookieAuthentication(new Microsoft.Owin.Security.Cookies.CookieAuthenticationOptions
                {
                    AuthenticationType = "Cookies",
                });
    
                app.UseWsFederationAuthentication(new Microsoft.Owin.Security.WsFederation.WsFederationAuthenticationOptions
                {
                    AuthenticationType = "aadfs",
                    Caption = "AD",
                    SignInAsAuthenticationType = "Cookies",
                    MetadataAddress = "<meta-address>",
                    Wtrealm = "spn:<client-id>",
                });
    
                app.Map("/admin", adminApp =>
                {
                    var factory = new IdentityManagerServiceFactory();
                    factory.Configure(connectionString);
    
                    adminApp.UseIdentityManager(new IdentityManagerOptions()
                    {
                        Factory = factory,
                        SecurityConfiguration = new HostSecurityConfiguration()
                        {
                            HostAuthenticationType = "Cookies",
                            NameClaimType = System.Security.Claims.ClaimTypes.Name,
                            RoleClaimType = System.Security.Claims.ClaimTypes.Role,
                            AdminRoleName = "administrator",
                        }
                    });
                });
    
                app.Map("/core", core =>
                {
                    var idSvrFactory = Factory.Configure();
                    idSvrFactory.ConfigureCustomUserService(connectionString);
    
                    var options = new IdentityServerOptions
                    {
                        SiteName = "IdentityServer3 - UserService-MembershipReboot",
                        SigningCertificate = Certificate.Get(),
                        Factory = idSvrFactory,
                        AuthenticationOptions = new AuthenticationOptions
                        {
                            IdentityProviders = ConfigureAdditionalIdentityProviders,
                        }
                    };
    
                    core.UseIdentityServer(options);
                });
            }
           public static void ConfigureAdditionalIdentityProviders(IAppBuilder app, string signInAsType)
            {
                app.UseWsFederationAuthentication(new Microsoft.Owin.Security.WsFederation.WsFederationAuthenticationOptions
                {
                    AuthenticationType = "aadfs",
                    Caption = "AD",
                    SignInAsAuthenticationType = signInAsType,
                    MetadataAddress = "<meta-address>",
                    Wtrealm = "spn:<client-id>",
                });
    }

    Do you guys know how to configure it? I've also got 2 times the "AD" login option (i couldn't get it working with only one).

    Bradley R
    @rogersbrad
    I had tried to get both working, and asked experts who said in the case of what I was trying, it cannot be done. I had to create a custom login method.
    @Astimus YES thats the reason Im here now. For days I've been trying to get this running. Cannot find any documentation to get past this
    Daniel Wagner
    @danielwagn3r
    Is there any sample of IdentityManager configured to use IIS Windows Authentication? I only found #146 which looks pretty complicated to me.
    Daniel Wagner
    @danielwagn3r
    The WsFederationAuthentication isn't an option, as we don't use ADFS
    csaam
    @csaam

    Following the video here I had no problem creating a bootstrap auth for the admin to IdentityManager. However, I can't get the dang session cookie to go away when the browser closes. Relevant code is below.

    https://vimeo.com/125427106

    app.UseCookieAuthentication(new CookieAuthenticationOptions
    {
    AuthenticationType = "Cookies",
    LoginPath = new PathString("/home/Login"),
    });

    .....
    adminApp.UseIdentityManager(new IdentityManagerOptions
    {
    Factory = factory,
    SecurityConfiguration = new HostSecurityConfiguration()
    {
    HostAuthenticationType = "Cookies",
    NameClaimType = Constants.ClaimTypes.Name,
    RoleClaimType = Constants.ClaimTypes.Role,
    AdminRoleName = "SynectUserAdmin",
    }
    });

    [HttpPost]
    public ActionResult Login(string username, string password, string returnUrl)
    {
    var synectUserAdminName = ConfigurationManager.AppSettings["SynectUserAdminName"];
    ;
    var synectUserAdminPassword = ConfigurationManager.AppSettings["SynectUserAdminPassword"];

            if (string.Equals(username, synectUserAdminName, StringComparison.OrdinalIgnoreCase) &&
                password == synectUserAdminPassword)
            {
                var authentication = Request.GetOwinContext().Authentication;
                var claims = new[]
                {
                    new Claim("email", "SynectUserAdmin@synectmedia.com"),
                    new Claim("role", "SynectUserAdmin")
                };
                var id = new ClaimsIdentity(claims, "Cookies");
    
                authentication.AuthenticationResponseGrant = 
                    new AuthenticationResponseGrant(id, new AuthenticationProperties
                {
                    IsPersistent = false,
    
                });
                authentication.SignIn(id);
    
            }
            return View();

    }

    human3820917
    @human3820917
    Is Identity Manager a replacement for ASP.NET Identity?
    csaam
    @csaam

    What I found is that there are three different places the token winds up. In the Set-Cookie header first. This gets copies to .Asp.Cookies. Then it gets copied into an auth header somehow and keeps showing up even when the session has been closed. I found I could actually delete that header on start to force the session to expire but that is really hacky.

    I could see what was happenening when I replaced the cookieprovider with a custom pass through and checked the Request and Response during startup and login.

    csaam
    @csaam

    Another thing I wish I had more guidance on was customizing the UI. I'd like to control how properties are displayed. For instance some properties like Tenant would be nice to display as read only during development. Also having combo boxes or radio buttons through attribute usage would be nice. Is there anyway to at least add custom validators? We'd like to skin the IM UI too.

    Speaking of skinning I did it for the login from IdentityManager for the user admin and also for regular users in IdentityServer3 but the two flows are so different. IdentityManager I did a controller while IdentityServer3 I used a custom IViewService. It would be great if those two things could be done in a common way.

    Mark Belfer
    @h8tow82_twitter
    hello everyone, does anyone knows what is the minimum IE version that is supported with javascript oidc-client.js (1.0.1 build)
    Cristian Eriomenco
    @cristian-eriomenco
    Does anyone know why in browser the cookie expiration displays as Session. I've setup it to a timespan but cannot get browser displaying that figure
    ?
    theCuriousOne
    @theCuriousOne
    Wow a slow room :(
    @h8tow82_twitter I believe the min is Edge (vs 13+), but with babel-polyfill you can use it for IE9 and IE 10, because in the IE don't support promises (hope I am not to late)
    @cristian-eriomenco I don't quite understand. Can you make a screen shot and tell us how it is now and how you wanted to be?
    Steven Packham
    @spackham
    This message was deleted
    This message was deleted
    This message was deleted
     I created that JS Graph JPG of the angular code for IdentityManager if your interested in adding it to your Wiki Brock, go for it? It took me a bit to get it arranged, using Chrome's AngularJS Graph, but it makes it a bit clearer when trying to debug into the functionality.  
    
       Also I noticed when trying to debug I had to go out and hunt down the non min oidc-token-manager.js, at https://github.com/IdentityModel/oidc-token-manager and then when trying to bundle in this on VS2015 the new WebEsentials had taken out the "Bundler Minifier" and changed it to it's own extension.  Wondering if your interested in getting the new bundler file's/method attached to the project? If I understand what happened correctly.  
    
     Anyways I finally got a new non min token manager and making progress.  Still have token.expired but I am making progress.
    Author: Mads Kristensen - Bundler & Minifier
    https://visualstudiogallery.msdn.microsoft.com/9ec27da7-e24b-4d56-8064-fd7e88ac1c40
    vipul garg
    @vipulgarg88_twitter
    is there option to modify tt-property-editor used in uder edit screen
    "tt-property-editor"
    Aram Kocharyan
    @arkoc
    Hi guys. Is there any to-do list of IdentityManager. I would like to contribute to this project.
    Claudio Barca
    @clabnet
    Hi all, two web applications A and B. Can I define the same user with "Admin" role on app A and "User" role on app B ? How to ?
    Bruno Casarotti
    @brunocasarotti
    Hi guys, does this project still active?
    Is there any samples of how to use IdentityManagerMetadata?
    Bruno Casarotti
    @brunocasarotti
    when I create an user and set an email for it, it is created with email confirmed. How can I change it in order to create an user and not set the email confirmed flag?
    Janardhan
    @Janidbest
    current status: inactive, and no longer supported (https://github.com/IdentityManager/IdentityManager)
    I believe they are having a commercial version of the same/similar for administration (https://www.identityserver.com/documentation/admin-ui/)
    Every Identity server instance needs an administration tool after the deployment for maintenance or alternate having api's to manage from an another application..! I believe IdentityServer4.Admin should go further to support this..
    Dan Miser
    @danmiser
    I have an ASP.NET MVC5 app using ASP.NET Identity. I added in IdentityManager.AspNetIdentity with a custom (but simple) HostSecurityConfig that allows admins to access /idm. After logging in with an admin account, I now don't see the links for All Users, New User, etc. If I go to https://localhost/mywebapp/idm/api it gives me a 401. Any thoughts on how best to figure out where things are going off the rails?
    vanbukin
    @vanbukin
    @sc
    Keith Andrew Hill
    @vic10us
    Hello all :)
    Keith Andrew Hill
    @vic10us
    With IdentityManager2, will there be an similar update to IdentityAdmin ? or are we forced to move to AdminUI?
    Scott Brady
    @scottbrady91_twitter
    Hi Keith! No, there won't be any IdentityServer administartion UI added to IdentityManager2.
    AdminUI is the only official administration tool for IdentityServer4 and it's a little different that just html on top of tables ;)
    Ryan Valenzuela Alvar
    @alvar_ryan_twitter
    Xzcvbjkllmvb.
    Chaos
    @ChaosEngine
    Hi @brockallen , all! I've just created new PR IdentityManager/IdentityManager2#8 which hopefully allow IDentityManager2 to be more configurable and to be served from different paths and with custom configured auth/author options. Added some mvc routing convention and two SecurityConfiguration options for that. Hope for it to be a good change :-)