[英]How to authenticate a Windows Forms client using SAML?
I have been looking into using an identity provider (IDP) to provide user authentication for a Windows Forms client.我一直在研究使用身份提供者 (IDP) 为 Windows Forms 客户端提供用户身份验证。 The user credentials will be hosted by Auth0.
用户凭据将由 Auth0 托管。 After creating a trial account with Auth0 I have downloaded a sample C# Windows Forms client application that can be used to authenticate to the Auth0 IDP using OpenID Connect ("OIDC").
使用 Auth0 创建试用帐户后,我下载了示例 C# Windows Forms 客户端应用程序,可用于使用 OpenID Connect (". The WinForms sample application pops up a web browser component, displays the Auth0 login screen, I login to the Auth0 IDP (having setup some test credentials in Auth0) and the WinForms application then is sent an authentication token.
WinForms 示例应用程序会弹出一个 web 浏览器组件,显示 Auth0 登录屏幕,我登录到 Auth0 IDP(在 Auth0 中设置了一些测试凭据),然后向 WinForms 应用程序发送一个身份验证令牌。 All well and good, and if I try to login a second time I no longer need to enter my credentials.
一切都很好,如果我再次尝试登录,我不再需要输入我的凭据。
However... the company that I will be fetching authentication data from in production would like to use SAML.但是......我将从生产中获取身份验证数据的公司希望使用 SAML。 Is there any way to do this?
有没有办法做到这一点? Based on what I have read, SAML needs a "Service Provider" that will receive credentials from the IDP.
根据我所阅读的内容,SAML 需要一个“服务提供者”来接收来自 IDP 的凭据。 The Service Provider is (typically?) a web site.
服务提供商(通常?)是 web 站点。 That does not seem to match very well with what I am trying to do (authenticate a windows client).
这似乎与我正在尝试做的事情不太匹配(验证 windows 客户端)。 Is there any way of using SAML to do essentially what I have done using OIDC (fetch authentication information for a user from an IDP)?
有没有什么方法可以使用 SAML 来完成我使用 OIDC 所做的事情(从 IDP 获取用户的身份验证信息)? Would I need to develop a separate Service Provider component for this?
我需要为此开发一个单独的服务提供者组件吗?
Sounds like what you've done so far is fine architecturally:听起来你到目前为止所做的在架构上很好:
This puts you in a good position architecturally, where:这使您在架构上处于良好的 position 中,其中:
Feels like you need to set up a federated connection from Auth0 to the SAML Service Provider, and most commonly this involves these steps:感觉您需要建立一个从 Auth0 到 SAML 服务提供者的联合连接,这通常涉及以下步骤:
There are prerequisites though, and the external identity provider needs to be SAML 2.0 compliant.但是有一些先决条件,并且外部身份提供者需要符合 SAML 2.0。 My Federated Logins Article may help you to understand the general concepts, though I do not drill into SAML details here.
我的Federated Logins 文章可能会帮助您理解一般概念,但我不会在这里深入探讨 SAML 细节。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.