ASP.NET-检测用户是否通过Active Directory进行了身份验证?
[英]ASP.NET - Detect if user is authenticated with Active Directory?
问题描述
We have a SSO solution with ADFS for logging into our web app, we also have standard setup that uses authentication with our database. 
我们有一个带有ADFS的SSO解决方案,用于登录到我们的Web应用程序,我们也有使用对数据库进行身份验证的标准设置。 I want to setup a solution that allows for both. 我想设置一个解决方案,兼顾两者。 So now I am trying to figure out, is there any way for ASP.NET to detect if a user is authenticated with Active Directory so I could do this on the fly? 因此,现在我试图弄清楚,ASP.NET是否可以通过某种方法来检测用户是否已通过Active Directory进行身份验证,所以我可以即时进行此操作? If user is logged in through AD, send through ADFS, else, show login screen. 如果用户通过AD登录,则通过ADFS发送,否则,显示登录屏幕。 Any idea? 任何想法?
I also realize that this may not work if they are setup to use forms based authentication only after the ADFS process is started. 我还意识到,如果将它们设置为仅在ADFS进程启动后才使用基于表单的身份验证,则可能不起作用。
1 个解决方案
解决方案1
0 已采纳 2010-05-21 21:01:57
Yes... In IIS, enable both integrated authentication, basic, and anonymous. 是的...在IIS中,启用集成身份验证,基本身份验证和匿名身份验证。 All the real work is done in HTTPModule that are registered in the root Web.config (eg in the runtime CONFIG folder). 所有实际工作都在HTTPModule中完成,该HTTPModule已在根Web.config中注册(例如,在运行时CONFIG文件夹中)。 The built-in Authentication HTTPModule will set the user Principle once authenticated if authenticated via integrated credentials. 如果通过集成凭据进行身份验证,则内置身份验证HTTPModule将在通过身份验证后设置用户Principle。 You can add your own to be fired after it. 您可以添加自己的,然后将其解雇。 If the IIdentity (eg User.Identity) has the IsAuthenticated set to false then you know they were not authenticated and can then redirect them. 如果IIdentity(例如User.Identity)的IsAuthenticated设置为false,则您知道它们未通过身份验证,然后可以重定向它们。 If it is set to true, you can then replace the IPrinciple with one that contains roles that are germane to your application. 如果将其设置为true,则可以将IPrinciple替换为包含与应用程序密切相关的角色的IPrinciple。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.