Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Sample web.config that demonstrates how the previously created web.2.0.config file (https://gist.github.com/sjwaight/7508374) can be updated to support claims-based authentication.
<?xml version="1.0"?>
<configuration>
<configSections>
<section name="system.identityModel" type="System.IdentityModel.Configuration.SystemIdentityModelSection, System.IdentityModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" />
<section name="system.identityModel.services" type="System.IdentityModel.Services.Configuration.SystemIdentityModelServicesSection, System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" />
</configSections>
<appSettings>
<add key="ida:FederationMetadataLocation" value="https://localhost/idsrv/FederationMetadata/2007-06/FederationMetadata.xml" />
<add key="ida:Realm" value="https://localhost/authdemoapp/secured/" />
<add key="ida:AudienceUri" value="https://localhost/authdemoapp/secured/" />
</appSettings>
<connectionStrings>
<!-- you'll need to change this to match your server - the one below is using the default local instance with Windows Auth. -->
<add name="aspnetmembers" connectionString="server=.;initial catalog=AuthDemoApp;Integrated Security=SSPI"/>
</connectionStrings>
<system.web>
<httpRuntime targetFramework="4.5" requestValidationMode="4.5" />
<compilation debug="true" targetFramework="4.5.1"/>
<authentication mode="None"/>
<roleManager defaultProvider="SqlProvider"
enabled="true"
cacheRolesInCookie="true"
cookieName=".ASPROLES"
cookieTimeout="30"
cookiePath="/"
cookieRequireSSL="true"
cookieSlidingExpiration="true"
cookieProtection="All">
<providers>
<add name="SqlProvider"
type="System.Web.Security.SqlRoleProvider"
connectionStringName="aspnetmembers"
applicationName="AuthDemoApp"/>
</providers>
</roleManager>
<pages controlRenderingCompatibilityVersion="3.5" clientIDMode="AutoID"/>
</system.web>
<system.webServer>
<modules>
<add name="WSFederationAuthenticationModule" type="System.IdentityModel.Services.WSFederationAuthenticationModule, System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" preCondition="managedHandler" />
<add name="SessionAuthenticationModule" type="System.IdentityModel.Services.SessionAuthenticationModule, System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" preCondition="managedHandler" />
</modules>
</system.webServer>
<system.identityModel>
<identityConfiguration>
<audienceUris>
<add value="https://localhost/authdemoapp/secured/" />
</audienceUris>
<securityTokenHandlers>
<add type="System.IdentityModel.Services.Tokens.MachineKeySessionSecurityTokenHandler, System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
<remove type="System.IdentityModel.Tokens.SessionSecurityTokenHandler, System.IdentityModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
</securityTokenHandlers>
<certificateValidation certificateValidationMode="None" />
<issuerNameRegistry type="System.IdentityModel.Tokens.ValidatingIssuerNameRegistry, System.IdentityModel.Tokens.ValidatingIssuerNameRegistry">
<authority name="http://identityserver.v2.thinktecture.com/trust/claimsdemo">
<keys>
<add thumbprint="42458679ECD5F89F51FD126BE3F2F4408464C936" />
</keys>
<validIssuers>
<add name="http://identityserver.v2.thinktecture.com/trust/claimsdemo" />
</validIssuers>
</authority>
</issuerNameRegistry>
</identityConfiguration>
</system.identityModel>
<system.identityModel.services>
<federationConfiguration>
<cookieHandler requireSsl="true" />
<wsFederation passiveRedirectEnabled="true" issuer="https://localhost/idsrv/issue/wsfed" realm="https://localhost/authdemoapp/secured/" requireHttps="true" />
</federationConfiguration>
</system.identityModel.services>
</configuration>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment