使用基于表单的身份验证在ASP.Net Web应用程序上实现单点登录
[英]Implement single sign on ASP .Net Web Application current using forms based authentication
问题描述
We currently have an Asp .Net web application (Framework 4.5) using Forms based authentication. 
我们目前有一个使用基于表单的身份验证的Asp .Net Web应用程序(框架4.5)。 A few of our clients are asking for integration with their applications and does not want to have separate login accounts. 我们的一些客户要求与他们的应用程序集成,并且不想拥有单独的登录帐户。
What would be the best way to implement this? 实施此方法的最佳方法是什么? The solution should be able to validate against different identity providers. 该解决方案应该能够针对不同的身份提供者进行验证。
A consultant has suggested to convert the current web app to be claims-aware but not sure how to proceed with it or where to start . 一位顾问建议将当前的Web应用程序转换为可感知声明的应用程序,但不确定如何继续进行或从何处开始。
Thanks for all your help. 感谢你的帮助。
1 个解决方案
解决方案1
0 2018-01-23 18:42:12
Making an application claims-aware implies adding support for one of: 使应用程序具有声明感知能力意味着增加对以下其中一项的支持:
- WS-Federation WS联合会
- SAML 2.0 SAML 2.0
- OpenID Connect / OAuth OpenID Connect / OAuth
This then enables the application to talk to an IDP for SSO eg ADFS, Azure AD, identityserver, Auth0. 然后,这使应用程序可以与SSO的IDP进行对话,例如ADFS,Azure AD,身份服务器,Auth0。
In the Microsoft world, web apps use the OWIN NuGet packages for WS-Fed (WIF) or OIDC. 在Microsoft世界中,Web应用程序将OWIN NuGet软件包用于WS-Fed(WIF)或OIDC。 For SAML, look here . 对于SAML,请点击此处 。
Desktop apps use ADAL or the later version MSAL. 桌面应用程序使用ADAL或更高版本的MSAL。
ADFS eg only authenticates against AD. 例如,ADFS仅针对AD进行身份验证。 If you want to authenticate against a DB as well, you federate ADFS with eg identityserver or Auth0 both of which have that ability. 如果您还想针对数据库进行身份验证,则可以将ADFS与例如IdentityServer或Auth0联合,两者均具有该功能。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.