Authenticate user by ADFS (Active Directory Federation Service)

I need to check whether a particular user exists or not in Active Directory by ADFS.

So, I want my ADFS to check user authentication by UserName/Password.

Could anybody please provide the sample code or a tutorial for the same?

Thanks in advance!

To use Username/Password authentication you can use the trust/13/UsernameMixed endpoint of the ADFS 2.0.

This does NOT check if the user exists in the Active Directory!

In code you request the token like this:

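using System.IdentityModel.Tokens;
using System.ServiceModel;
using System.ServiceModel.Security;
using Microsoft.IdentityModel.Protocols.WSTrust;
using Microsoft.IdentityModel.Protocols.WSTrust.Bindings;

// StsEndpoint: address of the AD FS trust/13/UsernameMixed endpoint
WSTrustChannelFactory adfsfactory = new WSTrustChannelFactory(new UserNameWSTrustBinding(SecurityMode.TransportWithMessageCredential),
                            StsEndpoint);
adfsfactory.TrustVersion = TrustVersion.WSTrust13;

// Username and Password here... (verbatim string, so the backslash is not an escape)
adfsfactory.Credentials.UserName.UserName = @"domain\username";
adfsfactory.Credentials.UserName.Password = "password";

IWSTrustChannelContract channel = adfsfactory.CreateChannel();

// rst: the token request; AppliesTo is the service the token is issued for (placeholder)
var rst = new RequestSecurityToken
{
    RequestType = WSTrust13Constants.RequestTypes.Issue,
    AppliesTo = new EndpointAddress("your service address")
};

// request the token
SecurityToken token = channel.Issue(rst);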

Then create the channel factory for your service using your token:

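var binding = new WS2007FederationHttpBinding(WSFederationHttpSecurityMode.Message);

var factory = new ChannelFactory<IYourInterface>(binding, "your service address");

// prepare the factory so that it accepts an already issued token
factory.ConfigureChannelFactory();

// named serviceChannel so it does not clash with the WS-Trust channel above
IYourInterface serviceChannel = factory.CreateChannelWithIssuedToken(token);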

Hope this helps!

The AD FS 2.0 sign-in pages support username/password authentication out of the box. No code or customizations necessary.

As per @Marnix, this is out-of-the-box behavior.

However, just to point out:

Authenticating the user is NOT the same as checking whether a particular user exists in Active Directory.

E.g. the user could be locked out. He still exists in AD but will not be able to authenticate.
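
The difference between "exists" and "can authenticate" described in the answers above, as an added example that is not part of the original posts: it queries Active Directory directly through System.DirectoryServices.AccountManagement rather than through AD FS. It assumes a domain-joined machine whose process identity may read user objects; `AccountState`, `AdAccountCheck` and the sample account values are made up for this example.

```csharp
using System;
using System.DirectoryServices.AccountManagement;

// Hypothetical names for this example: AccountState, AdAccountCheck.
public enum AccountState { NotFound, Disabled, LockedOut, BadPassword, Authenticated }

public static class AdAccountCheck
{
    // Existence only: no password is needed and none is tested.
    public static bool Exists(PrincipalContext ctx, string samAccountName)
    {
        using (UserPrincipal user = UserPrincipal.FindByIdentity(
                   ctx, IdentityType.SamAccountName, samAccountName))
            return user != null;
    }

    // Existence, account state and the password check reported as separate outcomes.
    public static AccountState Check(PrincipalContext ctx, string samAccountName, string password)
    {
        using (UserPrincipal user = UserPrincipal.FindByIdentity(
                   ctx, IdentityType.SamAccountName, samAccountName))
        {
            if (user == null) return AccountState.NotFound;
            if (user.Enabled == false) return AccountState.Disabled;      // Enabled is bool?
            if (user.IsAccountLockedOut()) return AccountState.LockedOut; // exists, cannot sign in
        }
        // ValidateCredentials binds with the supplied credentials; a failure counts
        // toward the domain lockout threshold like any other bad logon.
        return ctx.ValidateCredentials(samAccountName, password)
            ? AccountState.Authenticated
            : AccountState.BadPassword;
    }

    // One message for every failure, so the response does not reveal which
    // account names exist. Keep the detailed state for server-side logs only.
    public static string PublicMessage(AccountState state)
    {
        return state == AccountState.Authenticated ? "Signed in." : "Sign-in failed.";
    }

    public static void Main()
    {
        using (var ctx = new PrincipalContext(ContextType.Domain)) // current domain
        {
            AccountState state = Check(ctx, "jdoe", "example-password"); // constructed sample values
            Console.WriteLine("log: {0} / user sees: {1}", state, PublicMessage(state));
        }
    }
}
```

A token request against the UsernameMixed endpoint only tells you whether authentication succeeded; the `NotFound`, `Disabled` and `LockedOut` outcomes come from the directory lookup.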

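Notice: the technical posts on this site follow the CC BY-SA 4.0 license. If you repost, please cite this site's URL or the original address. For any questions, contact: yoyou2525@163.com.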
