
Authentication in C# with Active Directory

I am trying to create an application that requires user authentication over Active Directory to return a token, but I am not sure how to use it correctly.

I've been looking at Authenticate user by ADFS (Active Directory Federation Service) but I am not sure how to create a Request Security Token or how to use it correctly.

Are there any working examples for this available? Any help is appreciated.

It depends on whether you're using WIF or .NET 4.5 System.IdentityModel.

Using WIF:

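// Namespaces used by this WIF snippet
using System.IdentityModel.Tokens;
using System.ServiceModel;
using System.ServiceModel.Security;
using Microsoft.IdentityModel.Protocols.WSTrust;
using Microsoft.IdentityModel.Protocols.WSTrust.Bindings;

string endpointUri = string.Format("https://{0}/adfs/services/trust/13/usernamemixed", _serverName);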

var factory = new Microsoft.IdentityModel.Protocols.WSTrust.WSTrustChannelFactory(
              new UserNameWSTrustBinding(SecurityMode.TransportWithMessageCredential),
              new EndpointAddress(endpointUri));

factory.TrustVersion = TrustVersion.WSTrust13;
if (factory.Credentials != null)
{
    factory.Credentials.UserName.UserName = "UserName";
    factory.Credentials.UserName.Password = "password";
}

var rst = new RequestSecurityToken
{
    RequestType = WSTrust13Constants.RequestTypes.Issue,
    AppliesTo = new EndpointAddress(_relyingPartyUri),
    KeyType = WSTrust13Constants.KeyTypes.Bearer,
};

var channel = factory.CreateChannel();
SecurityToken token = channel.Issue(rst);
return token;

Using .NET 4.5 System.IdentityModel, you'll need to define the UserNameWSTrustBinding yourself:

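// Namespaces used by this .NET 4.5 snippet
using System.IdentityModel.Protocols.WSTrust;
using System.ServiceModel;
using System.ServiceModel.Security;

public class UserNameWSTrustBinding : WS2007HttpBinding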
{
    public UserNameWSTrustBinding()
    {
        Security.Mode = SecurityMode.TransportWithMessageCredential;
        Security.Message.EstablishSecurityContext = false;
        Security.Message.ClientCredentialType = MessageCredentialType.UserName;
    }
}

string endpointUri = string.Format("https://{0}/adfs/services/trust/13/usernamemixed", _serverName);

var factory = new WSTrustChannelFactory(new UserNameWSTrustBinding(), endpointUri)
    {
        TrustVersion = TrustVersion.WSTrust13
    };

factory.Credentials.UserName.UserName = "UserName";
factory.Credentials.UserName.Password = "password";

var rst = new RequestSecurityToken
{
    RequestType = RequestTypes.Issue,
    AppliesTo = new EndpointReference(_relyingPartyUri),
    KeyType = KeyTypes.Symmetric
};

var channel = factory.CreateChannel();

return channel.Issue(rst);
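
An added example, not part of the answer above: the .NET 4.5 request wrapped in a helper that takes credentials from the caller instead of literals, handles a rejected logon, and releases the channel factory. `AdfsTokenClient`, `RequestToken` and the parameter names are hypothetical; the endpoint path and binding settings are the ones shown above.

```csharp
using System;
using System.IdentityModel.Protocols.WSTrust;
using System.IdentityModel.Tokens;
using System.ServiceModel;
using System.ServiceModel.Security;

public static class AdfsTokenClient   // hypothetical helper name
{
    // Returns the issued token, or null when AD FS rejects the credentials.
    // The returned token is a credential in its own right: do not log TokenXml.
    public static GenericXmlSecurityToken RequestToken(
        string serverName, string relyingPartyUri, string userName, string password)
    {
        // Same settings as the UserNameWSTrustBinding class defined above.
        var binding = new WS2007HttpBinding(SecurityMode.TransportWithMessageCredential);
        binding.Security.Message.EstablishSecurityContext = false;
        binding.Security.Message.ClientCredentialType = MessageCredentialType.UserName;

        var factory = new WSTrustChannelFactory(binding,
            string.Format("https://{0}/adfs/services/trust/13/usernamemixed", serverName))
        {
            TrustVersion = TrustVersion.WSTrust13
        };
        factory.Credentials.UserName.UserName = userName;
        factory.Credentials.UserName.Password = password;

        var rst = new RequestSecurityToken
        {
            RequestType = RequestTypes.Issue,
            AppliesTo = new EndpointReference(relyingPartyUri),
            KeyType = KeyTypes.Bearer   // as in the WIF snippet; the 4.5 snippet asks for Symmetric
        };

        try
        {
            RequestSecurityTokenResponse rstr;
            SecurityToken issued = factory.CreateChannel().Issue(rst, out rstr);
            factory.Close();
            // The WS-Trust channel normally hands back a GenericXmlSecurityToken whose
            // TokenXml holds the SAML assertion and whose ValidTo gives its expiry.
            return issued as GenericXmlSecurityToken;
        }
        catch (MessageSecurityException)   // how a failed logon commonly surfaces in WCF
        {
            factory.Abort();
            return null;
        }
        catch (Exception) { factory.Abort(); throw; }
    }
}
```

A caller checks the result for null, then reads `ValidTo` before reuse and passes `TokenXml` to the relying party.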

It depends on which type of application you are using. Authentication over ADFS using WIF comes in two flavors:

- Passive authentication using ASP.NET Web Forms or MVC. You can refer to this article: Claims Aware MVC4 App using WIF Identity and Access tool in .NET 4.5

Also depending on the .NET framework you are using, you will need to download either one of the following:

- WIF Runtime and WIF SDK for .NET 4.0
- Identity and Access Tool for .NET 4.5
