实施ADFS 2.0 SSO后,使用C#更新/处理Active Directory用户帐户
[英]Update/Handle Active Directory user account using C# when ADFS 2.0 SSO is implemented
问题描述
Can I update/handle Active Directory user account using C# when ADFS 2.0 SSO is implemented? 
实施ADFS 2.0 SSO后,是否可以使用C#更新/处理Active Directory用户帐户?
Or once user get response from SSO ie token/fault do I need to access Active Directory using LDAP connection for checking user status and badpassword-answer count? 还是一旦用户从SSO获得响应(即令牌/故障),我是否需要使用LDAP连接访问Active Directory来检查用户状态和错误密码回答计数?
1 个解决方案
解决方案1
1 2015-02-15 19:13:39
Once ADFS authenticates, you are into the token flow and redirect to RP and you don't get a chance to intercept so whatever custom code you want needs to come first. 一旦ADFS身份验证,您就进入了令牌流并重定向到RP,并且您没有机会进行拦截,因此无论您要使用哪种自定义代码,都必须先进行。
Do all your AD stuff and then call the ADFS authentication. 完成所有AD工作,然后调用ADFS身份验证。
Warning: ADFS 3,0 upwards does NOT use IIS so there is no upgrade path for this custom code. 警告:ADFS 3,0向上不能使用IIS所以这个自定义代码升级途径。
Update : 更新 :
in SubmitButton_Click in FormsSignIn: 在FormsSignIn的SubmitButton_Click中:
Do your LDAP stuff then: 然后执行LDAP的工作:
try
{
SignIn( UsernameTextBox.Text, PasswordTextBox.Text );
}
catch ( AuthenticationFailedException ex )
{
// Check for lockout. password expired etc.
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.