0

我在我的代码中使用“ Kentor.AuthServices.dll ”和“Kentor.AuthServices.Mvc.dll”来允许使用 ADFS 服务器进行单点登录,它工作正常,但问题是它需要超过 1 分钟的时间显示adfs 登录屏幕。

我已经调试了代码并记录了时间,发现所有代码工作正常,但身份提供者创建代码需要 1 分钟以上。

我不明白为什么要花太多时间。

我把我的代码放在下面有人可以帮忙吗?

提前致谢。

try
    {
    CommonUtility.LogMessage("Start at:" + DateTime.Now);
    string adfsUrl = System.Configuration.ConfigurationManager.AppSettings["ADServer"] ?? "";
    if(string.IsNullOrEmpty(adfsUrl))
    {
    CommonUtility.LogMessage("no adfs server found in config");
    return RedirectToAction("Login", "Account", string.Empty);
    }

        string requestUrlScheme = System.Configuration.ConfigurationManager.AppSettings["ADInstance"] ?? "https";
        string federationUrl = System.Configuration.ConfigurationManager.AppSettings["ADFSMetaData"] ?? "";

        CommonUtility.LogMessage("metdaDataUrl=" + federationUrl);

        string trustUrl = string.Format("{0}/adfs/services/trust", adfsUrl);

        CommonUtility.LogMessage("trustURL=" + trustUrl);

        var idps = Kentor.AuthServices.Mvc.AuthServicesController.Options.IdentityProviders.KnownIdentityProviders;
        foreach (var idpItem in idps)
        {
            CommonUtility.LogMessage("existing ENtity ID=" + idpItem.EntityId.Id);
            if (idpItem.EntityId.Id.Equals(trustUrl))
            {
                Kentor.AuthServices.Mvc.AuthServicesController.Options.IdentityProviders.Remove(idpItem.EntityId);
                CommonUtility.LogMessage("removed existing entity at:" + DateTime.Now);
            }
        }

        var spOptions = CreateSPOptions(requestUrlScheme);

        CommonUtility.LogMessage("SP option created at:" + DateTime.Now);

        Kentor.AuthServices.IdentityProvider idp = null;


        **idp = new Kentor.AuthServices.IdentityProvider(new EntityId(trustUrl), spOptions)
        {
            AllowUnsolicitedAuthnResponse = true,
            LoadMetadata = true,
            MetadataLocation = federationUrl,

        };**
        CommonUtility.LogMessage("idp added at:" + DateTime.Now);
        if (Kentor.AuthServices.Mvc.AuthServicesController.Options.SPOptions.EntityId == null)
            Kentor.AuthServices.Mvc.AuthServicesController.Options.SPOptions.EntityId = new EntityId(string.Concat(string.Format("{0}://{1}{2}", requestUrlScheme, Request.Url.Authority, Url.Content("~")), "AuthServices"));
        else
            Kentor.AuthServices.Mvc.AuthServicesController.Options.SPOptions.EntityId.Id =
                      string.Concat(string.Format("{0}://{1}{2}", requestUrlScheme, Request.Url.Authority, Url.Content("~")), "AuthServices");


        CommonUtility.LogMessage("AuthServicesURL=" + string.Concat(string.Format("{0}://{1}{2}", requestUrlScheme, Request.Url.Authority, Url.Content("~")), "AuthServices"));

        Kentor.AuthServices.Mvc.AuthServicesController.Options.SPOptions.ReturnUrl =
            new Uri(string.Concat(string.Format("{0}://{1}{2}", requestUrlScheme, Request.Url.Authority, Url.Content("~")), "SAMLAuthentication/SAMLResponse"));

        CommonUtility.LogMessage("SAMLResponseURL=" + string.Concat(string.Format("{0}://{1}{2}", requestUrlScheme, Request.Url.Authority, Url.Content("~")), "SAMLAuthentication/SAMLResponse"));


        Kentor.AuthServices.Mvc.AuthServicesController.Options.IdentityProviders.Add(idp);
        CommonUtility.LogMessage("redirect times:" + DateTime.Now);
        return RedirectToAction("SignIn", "AuthServices", new { idp = trustUrl });

    }
    catch (Exception ex)
    {
        CommonUtility.LogException(ex);
        throw ex;

    }
4

1 回答 1

0

当您使用“LoadMetadata”时,IdentityProvider 对象将在构建时从远程地址加载元数据。如果我没记错的话,这是同步完成的,以便能够将错误作为异常报告回来。下载元数据是否需要时间(或超时)?

于 2018-11-14T18:40:04.520 回答