堆栈内存溢出
  简体   繁体   English

混合模式联合身份验证和表单身份验证

[英]Mixed Mode Federated authentication and Forms Authentication

 原文  2012-11-02 13:36:33       forms-authentication/ wif/ single-sign-on/ ws-federation/ passive-sts

问题描述

I am trying to make a mixed mode authentication to be able to put some users on Federated authentications and others on Forms authentication. 我正在尝试进行混合模式身份验证,以便能够将某些用户置于联合身份验证上,而其他用户则使用Forms身份验证。

I am working with WIF, I set up my STS and everything is happy, when I am in federated mode by turning off all the authentication this way: 我正在使用WIF,我设置了我的STS,一切都很开心,当我处于联邦模式时,通过这种方式关闭所有身份验证: 

<authorization>
    <deny users="?" />
</authorization>
<authentication mode="None" />

I log in to my main application then when I log in to my side application it will let me log in silently since the session cookie is already generated and the user is authenticated. 我登录到我的主应用程序然后当我登录到我的应用程序时,它将让我以静默方式登录,因为会话cookie已经生成并且用户已经过身份验证。

but when I use Forms authentication, when I log in to my side application it will take me to the login page which I understand because the user is not authenticated but it seems even with having the session cookie it is not silently redirecting it. 但是当我使用Forms身份验证时,当我登录到我的侧面应用程序时,它会将我带到我理解的登录页面,因为用户未经过身份验证,但即使使用会话cookie,它也不会默默地重定向它。

I know that I need to redirect onEndRequest to the STS to authenticate the user and if the user is already authenticated then it will generate FedAuth cookie and and it will log me in silently, 我知道我需要将onEndRequest重定向到STS以对用户进行身份验证,如果用户已经过身份验证,那么它将生成FedAuth cookie并且它会以静默方式登录我,

does anybody know how to implement this, I didn't find resources about it when I researched. 有谁知道如何实现这一点,我研究时没有找到有关它的资源。

Alaa 阿拉

1 个解决方案

解决方案1
 -1  2018-08-17 21:00:05

For all who needs to setup federated user authentication in asp.net app the following link might be extremely helpful: 对于需要在asp.net应用程序中设置联合用户身份验证的所有人,以下链接可能非常有用:
http://blog.elis-co.com/wif-sso-and-forms-authentication-in-asp-net/ http://blog.elis-co.com/wif-sso-and-forms-authentication-in-asp-net/

Also http modules included to the config from the link above are outdated. 此外,上述链接中包含的配置中的http模块也已过时。 So correct them with ones from the following article: 因此,请使用以下文章中的内容更正它们:
https://docs.microsoft.com/en-us/dotnet/framework/security/how-to-build-claims-aware-aspnet-web-forms-app-using-wif https://docs.microsoft.com/en-us/dotnet/framework/security/how-to-build-claims-aware-aspnet-web-forms-app-using-wif

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 IIS7混合模式身份验证 - IIS7 Mixed Mode Authentication MVC 5具有身份验证模式的外部身份验证=表单 - MVC 5 External authentication with authentication mode=Forms MVC3混合表单和Windows身份验证 - MVC3 mixed forms and Windows authentication TFS 2010中的混合模式身份验证(SQLMembershipProvider) - Mixed Mode Authentication (SQLMembershipProvider )in TFS 2010 使用MSSQL进行SharePoint 2007混合模式身份验证? - SharePoint 2007 Mixed Mode Authentication with a MSSQL twist? Windows身份验证模式的行为,带有表单子元素? - Behaviour of Windows authentication mode, with forms child element? 希望表单和Windows身份验证在组合模式下工作 - Want Forms and Windows authentication to work in combined mode 混合使用Asp.Net和MVC网站的表单身份验证单一登录 - Forms Authentication single sign on for Asp.Net and MVC sites mixed 混合ASP.NET网站表单身份验证重定向到错误的位置 - Mixed ASP.NET Site Forms Authentication Redirecting to the wrong place .NET Forms 身份验证 - 使用混合内容保护旧站点 - .NET Forms Authentication - Securing legacy site with mixed content
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM