You can customize
FDOT.Security.STS.Client.Filters.AuthModeAttribute
Standard Attribute Usage¶
[AuthMode(new[]{AuthenticationMode.ad})]
Customizing AuthModeAttribute
Below is an example of overriding the HandleUnauthorizedRequest method to redirect to the STS login page. This is helpful as a filter if you require a particular authentication mode for your application.
public class MyAuthModeAttribute : AuthModeAttribute
{
public MyAuthModeAttribute(AuthenticationMode[] authModes) : base(authModes){}
public MyAuthModeAttribute(AuthenticationMode authMode) : base(new []{authMode}){}
public override void OnAuthorization(AuthorizationContext filterContext)
{
if (AuthorizeCore(filterContext.HttpContext))
{
base.OnAuthorization(filterContext);
}
else
{
HandleUnauthorizedRequest(filterContext);
}
}
protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
{
if (!Signout(filterContext))
{
filterContext.HttpContext.Response.Redirect("~/Home/Error");
base.HandleUnauthorizedRequest(filterContext);
}
}
private const string logoutString = "{0}?wa=wsignout1.0&wtrealm={1}";
private bool Signout(AuthorizationContext filterContext)
{
if (filterContext != null && filterContext.HttpContext != null && filterContext.HttpContext.Request != null && filterContext.HttpContext.Request.Url!=null)
{
var rootUrl = filterContext.HttpContext.Request.Url.GetLeftPart(UriPartial.Authority);
var signoutUrl = string.Format(logoutString,
FederatedAuthentication.FederationConfiguration.WsFederationConfiguration.Issuer,
HttpUtility.UrlEncode(rootUrl));
FederatedAuthentication.WSFederationAuthenticationModule.SignOut(signoutUrl);
return true;
}
return false;
}
}See Also