[英]Integrating Active Directory in my asp.net website
In my website i want to use active directory users for authentication. 在我的网站中,我想使用活动目录用户进行身份验证。 how can i do this.
我怎样才能做到这一点。
You need to specify Windows Authentication in your web.config 您需要在web.config中指定Windows身份验证
<system.web>
<authentication mode="Windows"/>
</system.web>
Then set up allow/deny blocks to specify users who have access, etc. 然后设置允许/拒绝块以指定具有访问权限的用户等。
<authorization>
<allow roles="AuthorizedADGroup" />
<allow users="AllowedUserName" />
<deny users="*" />
<deny users="?"/>
</authorization>
If you need to do programmatic validation of credentials against Active Directory, you should use the new System.DirectoryServices.AccountManagement
classes that are available in .NET 3.5. 如果需要对Active Directory进行凭据的编程验证,则应使用.NET 3.5中提供的新
System.DirectoryServices.AccountManagement
类。
Read the Managing Directory Security Principals in the .NET Framework 3.5 in the January 2008 issue of MSDN Magazine for more info. 有关详细信息,请阅读2008年1月的MSDN杂志中的.NET Framework 3.5中的管理目录安全主体 。 NOTE: only CHM download
注意:仅限CHM下载
For validating credentials, you'd have to create a principal context - either a machine (single server) or domain (network) and then call the .ValidateCredentials()
method on it: 要验证凭据,您必须创建主体上下文 - 机器(单个服务器)或域(网络),然后在其上调用
.ValidateCredentials()
方法:
using System.DirectoryServices.AccountManagement;
PrincipalContext ctx = new PrincipalContext(ContextType.Domain, "YOURDOMAIN");
if(ctx.ValidateCredentials(userName, password))
{
// user is validated
}
Pretty simple, isn't it?? 很简单,不是吗? This works great if your users need to log in using a form where they enter username and password and you can grab these to check their account.
如果您的用户需要使用输入用户名和密码的表单登录,并且您可以抓住这些用户来检查他们的帐户,则此功能非常有用。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.