如何为WinForms应用程序和SQL Server实现SSO(单点登录)
[英]How to implement SSO (Single Sign On) for a WinForms app and SQL Server
问题描述
We have a WinForms application that uses SQL server to store its data. 
我们有一个WinForms应用程序,它使用SQL服务器来存储其数据。 To authenticate the application users, we are using SQL Server to do the authentication. 要对应用程序用户进行身份验证,我们使用SQL Server进行身份验证。 The user must have a username/password that exists on the database server to be able to log in. 用户必须具有数据库服务器上存在的用户名/密码才能登录。
So far so good. 到现在为止还挺好。
Now one of our customers wants us to implement single sign on. 现在,我们的一位客户希望我们实施单点登录。 They want to be able to start our app without entering any username/password, they want to use Windows to authenticate the user. 他们希望能够在不输入任何用户名/密码的情况下启动我们的应用程序,他们希望使用Windows来验证用户身份。
Do you have any advice about how we could implement this? 您对我们如何实现这一点有什么建议吗?
2 个解决方案
解决方案1
2 已采纳 2009-09-10 19:40:58
See this article WinForms App Single Sign On in 2 Lines of Code . 请参阅本文WinForms App单点登录2行代码 。
Many developers are unaware of two information rich objects available to them for role-based validation and that can also be leveraged to verify authenticated access, essentially single sign on (SSO), to their application because the user has already logged onto the desktop.
解决方案2
1 2009-09-10 19:40:34
I'd say using active directory and SSPI (aka trusted connections). 我会说使用活动目录和SSPI(也称为可信连接)。 This would normally make use of kerberos authentication. 这通常会使用kerberos身份验证。
If you have a notion of a user in your database such as a Users table you can add another column or have a separate table to store that user's domain login name (eg, johnsmith@somedomain.example). 如果数据库中有用户的概念,例如Users表,则可以添加另一列,或者使用单独的表来存储该用户的域登录名(例如,johnsmith @ somedomain.example)。 You more commonly see somedomain\\johnsmith, but the @ method is the newer, prefered representation. 你更常见的是somedomain \\ johnsmith,但@ method是更新的,首选的表示。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.