Active Directory Authentication using Client Certificate in ASP.NET MVC

I am working on one project where we have to deploy two different applications on a server: one is a Cognos website and the other is a .NET website.

Now, when a request comes to the web server (IIS), it should ask for client certificate selection; once you choose the client certificate, it should go back and check whether it is attached to any Active Directory user or not.

Basically, I wanted to implement authentication using Active Directory and a client certificate using .NET.

I appreciate any suggestion/direction.

This should work out of the box with no code.

First, turn off anonymous access and basic authentication for the website and turn on integrated Windows authentication and certificate integration.

Then, in your ASP.NET application, set the auth mode to Windows.

Then, turn on SSL for the website and check the option "require client certificate".

http://technet.microsoft.com/pl-pl/library/cc753983%28v=ws.10%29.aspx

From now on, when the browser supports certificate integrated authentication and the client machine has the certificate either in the user store (IE) or in the browser store (other browsers), the browser will automatically ask the user to pick the certificate.

My advice is to start with integrated Windows authentication over SSL but without certificates (do not check "Require client certificates"). Test with IE and configure IIS until your users are automatically authenticated without any prompt for credentials.

This is the most troublesome part. If you have it working, you just turn on the requirement of client certificates.
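The steps in the answer above can also be scripted with the IIS WebAdministration module; the following is an added example, not part of the original answer, and it follows the same two stages (Windows authentication over SSL first, client certificates second). The site name, the `-RequireClientCert` switch, and reading "certificate integration" as IIS Active Directory client certificate mapping are assumptions.

```powershell
# Added example (not from the original answer). Run elevated on the IIS server.
# Assumes the site already has an https binding and that the Basic, Windows and
# Client Certificate Mapping authentication role services are installed.
param(
    [string]$SiteName = 'Default Web Site',  # hypothetical site name
    [switch]$RequireClientCert               # stage 2: add once stage 1 works
)
Import-Module WebAdministration

# These sections are locked at server level by default, so write them to
# applicationHost.config under a <location> element for the site.
$apphost = 'MACHINE/WEBROOT/APPHOST'
$auth    = 'system.webServer/security/authentication'

function Set-SiteAuth([string]$Section, [bool]$Enabled) {
    Set-WebConfigurationProperty -PSPath $apphost -Location $SiteName `
        -Filter "$auth/$Section" -Name enabled -Value $Enabled
}

# Anonymous and basic off, integrated Windows authentication on.
Set-SiteAuth 'anonymousAuthentication' $false
Set-SiteAuth 'basicAuthentication'     $false
Set-SiteAuth 'windowsAuthentication'   $true

# ASP.NET: <authentication mode="Windows" /> in the site's web.config.
Set-WebConfigurationProperty -PSPath "IIS:\Sites\$SiteName" `
    -Filter 'system.web/authentication' -Name mode -Value 'Windows'

# Stage 1 requires SSL only. Stage 2 also negotiates and requires a client
# certificate and lets IIS map it to an Active Directory account.
$flags = 'Ssl'
if ($RequireClientCert) {
    Set-SiteAuth 'clientCertificateMappingAuthentication' $true
    $flags = 'Ssl,SslNegotiateCert,SslRequireCert'
}
Set-WebConfigurationProperty -PSPath $apphost -Location $SiteName `
    -Filter 'system.webServer/security/access' -Name sslFlags -Value $flags

# Print the resulting settings so the change can be reviewed.
foreach ($s in 'anonymousAuthentication', 'basicAuthentication',
               'windowsAuthentication', 'clientCertificateMappingAuthentication') {
    $v = (Get-WebConfigurationProperty -PSPath $apphost -Location $SiteName `
            -Filter "$auth/$s" -Name enabled).Value
    '{0} = {1}' -f $s, $v
}
```

Run it without the switch first and confirm that users are signed in without a credential prompt, then run it again with `-RequireClientCert`.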
