OAuth 用户身份验证和 Active Directory 用户身份验证有什么区别?
[英]What is the difference between OAuth user authentication and Active Directory user authentication?
问题描述
I want that only the authenticated users can access my web application (.net).
我希望只有经过身份验证的用户才能访问我的 Web 应用程序 (.net)。 For this, in my solution design I am proposing an Identity management system.为此,在我的解决方案设计中,我提出了一个身份管理系统。
But I want to understand whether I should go with但我想知道我是否应该去
OAuth authentication
or the Active Directory authentication
What is the difference between these two and which one should used when.
1 个解决方案
解决方案1
2 2018-08-04 23:14:56
I guess you´re mixing concepts:我猜你在混合概念:
OAuth is basically delegation of the authorization to another application. OAuth基本上是将授权委托给另一个应用程序。 It can be an application written by you/your team, or it can be the active directory.它可以是您/您的团队编写的应用程序,也可以是活动目录。 Finally, it can be the google login there is here in stackowerflow)最后,它可以是 stackowerflow 中的 google 登录名)
The authorization will generate a token and is the one used by the application to authorize each time.授权将生成一个令牌,并且是应用程序每次用于授权的令牌。
What I think you are trying to compare is SAML with OAuth :我认为您要比较的是SAML和OAuth :
The main difference is what I told before, using OAuth you will trust the 3rd party application which the user is logged on.主要区别是我之前说过的,使用 OAuth 您将信任用户登录的第 3 方应用程序。
SAML is an standard that achieves the Single sign on, federation and identity manager. SAML 是实现单点登录、联合和身份管理器的标准。
There is other differences还有其他区别
The Token generated生成的令牌
SAMLis an `XMLSAML是一个`XML-
OAuthisJsonOAuth是Json
The transport layer传输层
- OAuth is limited to HTTP OAuth 仅限于 HTTP
- there is no limit for SALM SALM没有限制
The main goal主要目标
- OAuth was fully designed to use into internet, to delegate the authorization to trusted companies. OAuth 完全设计用于互联网,将授权委托给受信任的公司。
- SAML was designed for enterprise scenarios. SAML 是为企业场景设计的。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.