修改网站以不使用Active Directory
[英]Modify website to not use Active Directory
问题描述
I am not quite sure how to properly phrase this question so I will do my best to explain my issue. 
我不太确定如何正确表达这个问题,所以我会尽力解释我的问题。
I have a .Net website that works using Active Directory. 我有一个使用Active Directory的.Net网站。 It works great. 效果很好。 No issues. 没有问题。 However I have a need to stand-up a new copy of the website for an office that won't have access to Active Directory. 但是,我需要为将无法访问Active Directory的办公室维护网站的新副本。
I am trying to come up with any possible solutions that will allow me to accomplish this without having to rewrite large portions of our user code base. 我正在尝试提出任何可能的解决方案,这些解决方案将使我无需重写大部分用户代码库即可完成此任务。
I might have to accept the fact this might take a lot of work but I figured I would try to explore any possible options before I jump into that. 我可能不得不接受这样一个事实,即这可能需要大量工作,但是我认为在尝试之前,我会尝试探索任何可能的选择。
2 个解决方案
解决方案1
1 2018-05-04 20:36:56
Depending how the site is built, you might be able to set up an AD LDS instance on the web server that would mimic some of the services AD provides. 根据网站的构建方式,您也许可以在Web服务器上设置一个AD LDS实例,该实例将模仿AD提供的某些服务。 OpenLDAP might do something similar. OpenLDAP可能会执行类似的操作。
You still probably need to change some things on the site, but this might let you get by with changing a lot less. 您可能仍然需要更改网站上的某些内容,但这可以让您少做很多更改。
解决方案2
1 2018-05-04 21:02:35
Does the user : 用户是否:
-Access an IIS hosted site via windows authentication (like on an Intranet) ? -通过Windows身份验证访问IIS托管站点(例如Intranet)?
-Access an IIS hosted site using Azure AD (user signs into azure ad or office 365 via browser)? -使用Azure AD访问IIS托管站点(用户通过浏览器登录到Azure广告或Office 365)?
-Access an azure hosted site using Azure AD (user signs into azure ad or office 365 via browser)? -使用Azure AD访问Azure托管站点(用户通过浏览器登录Azure广告或Office 365)?
You might consider some refactoring your application to use Microsoft's Identity framework which will allow you to easily plug and play how your application authenticates. 您可能会考虑将应用程序重构为使用Microsoft的Identity框架,这将使您可以轻松地即插即用并验证应用程序的身份验证方式。
For .NET framework 对于.NET Framework
Take a look at using ASP.NET Identity 看看使用ASP.NET Identity
https://docs.microsoft.com/en-us/aspnet/identity/overview/getting-started/introduction-to-aspnet-identity https://docs.microsoft.com/zh-cn/aspnet/identity/overview/getting-started/introduction-to-aspnet-identity
For .NET Core 对于.NET Core
Take a look at using Identity on ASP.NET Core 看看在ASP.NET Core上使用身份
https://docs.microsoft.com/en-us/aspnet/core/security/authentication/identity-configuration?view=aspnetcore-2.1&tabs=aspnetcore2x https://docs.microsoft.com/zh-cn/aspnet/core/security/authentication/identity-configuration?view=aspnetcore-2.1&tabs=aspnetcore2x
By using these frameworks, you can keep your login code the same and change the way the user is authenticated. 通过使用这些框架,您可以保持登录代码不变,并更改对用户进行身份验证的方式。
Hope this helps! 希望这可以帮助! Cheers! 干杯!
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.