堆栈内存溢出
  简体   繁体   English

为什么Web客户端在使用WIF时需要Passive STS

[英]Why does web client require Passive STS when using WIF

 原文  2010-05-06 13:35:18       wif/ passive-sts/ sts-securitytokenservice

问题描述

I have a web application and would want it to be secured using a Custom STS using Windows Identity foundation 3.5. 我有一个Web应用程序,并希望使用Windows身份基础3.5使用自定义STS进行保护。 All examples have a passive STS in scene. 所有示例都在场景中具有被动STS。 Why is this needed? 为什么需要这个? and What happens if you call the Active STS 9Custom written using WIF) directly? 如果直接使用WIF编写Active STS 9Custom,会发生什么?

2 个解决方案

解决方案1
 4 已采纳  2010-05-07 14:39:45

Normally you use passive federation for web application, because web clients are unable to emit proper SOAP hence got the label "Passive Requestor", while anything able to produce proper SOAP got the label "Active Requestor" and can use Active Federation without problems. 通常,您使用被动联合进行Web应用程序,因为Web客户端无法发出正确的SOAP,因此获得了标签“Passive Requestor”,而任何能够生成正确SOAP的东西都获得了标签“Active Requestor”并且可以毫无问题地使用Active Federation。 There are luck of samples of this on internet, but check Vittorio Bertocci's blog , there you can find great articles about active and passive federation. 互联网上有这样的样本运气,但请查看Vittorio Bertocci的博客 ,在那里你可以找到关于主动和被动联合的精彩文章。

解决方案2
 1  2010-05-25 14:44:53

The simplest example is to generate a web application in Visual Studio and then run the "Add STS Reference" wizard (which is enabled if you install the WIF SDK). 最简单的示例是在Visual Studio中生成Web应用程序,然后运行“添加STS参考”向导(如果您安装WIF SDK,则会启用该向导)。 You do this by right-clicking on the web project. 您可以通过右键单击Web项目来执行此操作。

You can run the same against a web service and the wizard will create an STS for "Active Clients". 您可以针对Web服务运行相同的操作,向导将为“活动客户端”创建STS。

"Active" and "Passive" are implemnetation details. “主动”和“被动”是实施细节。 As Daria mentiones above: "Passive" refers to web browsers and "Active" to anything capable of using WS-Trust which is the protocol you use to obtain a token from an STS. 正如Daria在上面提到的那样:“被动”指的是能够使用WS-Trust的任何东西的Web浏览器和“活动”,WS-Trust是用于从STS获取令牌的协议。

In a production environment, you should use a "production" ready STS (like ADFS). 在生产环境中,您应该使用“生产”就绪STS(如ADFS)。 Building one is not impossible, but it might take time. 建造一个并非不可能,但可能需要一些时间。

You can read more about claims based identity here: http://msdn.microsoft.com/en-us/library/ff423674.aspx 您可以在此处详细了解基于声明的身份: http//msdn.microsoft.com/en-us/library/ff423674.aspx

Eugenio 欧亨尼奥

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 使用WCF的WIF STS令牌 - Using WIF STS tokens with WCF 如何通过WIF向Passive STS提出其他索赔要求? - How do I request additional claims from Passive STS with WIF? 使用WIF创建自定义STS-IP,为什么不创建 - Creating a custom STS-IP with WIF and why not 使用WSFAM的带有被动STS的WCF应用程序服务 - WCF Application Service with Passive STS using WSFAM WIF中的主动和被动联合会 - Active and Passive Federation in WIF 在ASP.NET MVC中使用被动STS进行身份验证时,如何访问SecurityToken? - When using a passive STS for authentication in ASP.NET MVC, how can I access the SecurityToken? 带有多个STS的WIF - WIF with multiple STS's WIF,联邦和STS - WIF, Federation and STS 以编程方式将Web App和WCF配置为使用STS(WIF) - Programatically configure Web App and WCF to use an STS (WIF) 对STS和WIF感到困惑 - Confused about STS and WIF
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM