leastprivilege
commented
8 years ago It's the callback path of the WS-Federation relying party (wreply).
Open mkramar opened 8 years ago
leastprivilege
commented
8 years ago It's the callback path of the WS-Federation relying party (wreply).
mkramar
commented
8 years ago Thanks for answering :) I'm trying to use WindowsAuthentication server from IdentityServer3. I'm using UseWsFederationAuthentication() on the IdentityServer3 side.
There is WsFederationAuthenticationOptions.CallbackPath propety, as I understand it should match WindowsAuthenticationOptions.IdpReplyUrl, correct?
my confusion:
What is listening at this URL? Is this URL handled by WsFederationMiddleware? Do I have to handle it somehow?
leastprivilege
commented
8 years ago CallbackPath is relative to the app base dir, IdpRreplyUrl is absolute.
Yes - the WSfed middleware is listening.
mkramar
commented
8 years ago I did a bit of debugging and figured out the solution Hope this will help
In WsFederationAuthenticationOptions I had to comment out CallbackPath initialization. This fixed the problem for me. It seems that "was" ending does not matter and there is nothing listening to this specific ending. WsFed middleware is just listening on all requests. From FORM post content it is figuring out if this request should be processed. If CallbackPath is assigned then logic is more complicated and it did not work to me.
I must be missing something fundamental. I've spent a lot of time looking at examples and I still don't understand it. What is WindowsAuthenticationOptions.IdpReplyUrl? What kind of resource it should be pointing to? In your examples it is pointing to "https://localhost:44333/core/was" but I don't see how this endpoint is configured.