堆栈内存溢出
  简体   繁体   English

现有应用程序的Azure AD身份验证

[英]Azure AD Authentication with existing application

 原文  2018-11-08 14:51:15       azure/ authentication/ azure-active-directory

问题描述

I have got an existing application for which the customers want to enable Azure AD authentication. 我有一个现有的应用程序,客户想要为其启用Azure AD身份验证。 What I cannot understand is how to create an association between the existing application users, and the correspondent Azure user. 我无法理解的是如何在现有应用程序用户和对应的Azure用户之间创建关联。

I have seen that once the user is authenticated with Azure, the application gets a UserInfo object that contains info such as GivenName, FamiliName,... but those are not enough to identify the user in the existing application. 我已经看到,一旦用户通过Azure进行身份验证,该应用程序就会获得一个UserInfo对象,该对象包含诸如GivenName,FamiliName等信息,但是这些信息不足以在现有应用程序中标识该用户。

It will be good if the customer could associate themselves the Azure users to the existing application username (for instance), and then somehow the application could retrieve this information after the Azure authentication. 如果客户可以将自己的Azure用户关联到现有的应用程序用户名(例如),然后以某种方式应用程序可以在Azure身份验证之后检索此信息,那将是很好的。 Do you have any tip to point in a possible approach for this issue? 您是否有任何技巧指出解决此问题的可能方法?

1 个解决方案

解决方案1
 0  2018-11-08 16:34:55

Azure Active Directory supports following protocols for authentication : Azure Active Directory支持以下身份验证协议:

  • SAMLv2 SAMLv2
  • WS-Fed WS-美联储
  • OpenIDConnect / OAuth2 OpenIDConnect / OAuth2

cf. 比照 https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-authentication-protocols https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-authentication-protocols

By configuring application registration in Azure AD you can add to authentication token different claims mapped to user attributes (ie SAML claims : https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-saml-claims-customization ) 通过在Azure AD中配置应用程序注册,您可以向身份验证令牌添加映射到用户属性的不同声明(即SAML声明: https : //docs.microsoft.com/zh-cn/azure/active-directory/develop/active-directory- saml-claims-customization

If you need to preprovision users in application from Azure AD you can use SCIM protocol : https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/use-scim-to-provision-users-and-groups 如果需要在Azure AD的应用程序中预先配置用户,则可以使用SCIM协议: https ://docs.microsoft.com/zh-cn/azure/active-directory/manage-apps/use-scim-to-provision-users -and-组

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 我可以在现有的 PHP 应用程序中实施 Azure AD 身份验证吗 - Can I implement Azure AD Authentication into an existing PHP application Azure AD 身份验证对现有 ASP.NET 核心身份应用程序 - Azure AD authentication to existing ASP.NET Core Identity application 如何将Azure AD身份验证添加到现有的ASP.NET MVC应用程序? - How to add Azure AD Authentication to Existing ASP.NET MVC Application? 是否可以将Azure AD身份验证与AWS中托管的基于Java的现有Web应用程序集成? - Possible option to integrate Azure AD authentication with existing Java based web application hosted in aws? 身份验证基于IIS托管的应用程序中的Azure AD - Authentication thought Azure AD in application hosted on IIS MVC应用程序Azure AD和自定义身份验证支持 - MVC application Azure AD and custom authentication support Azure AD身份验证并将角色分配给应用程序用户 - Azure AD authentication and assigning roles to application users Intranet Web应用程序的Azure AD身份验证 - Azure AD Authentication for Intranet Web Application 如何将Azure AD身份验证添加到现有的.net网站 - How to add Azure AD authentication to existing .net web site 使用 KeyVault 和 Azure PowerShell 证书身份验证创建 Azure AD 应用程序 - Create an Azure AD application with KeyVault & Azure PowerShell Certificate authentication
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM