堆栈内存溢出
  简体   繁体   English

没有Active Directory的来自ASP.NET应用程序的Office365 SSO

[英]Office365 SSO from ASP.NET application with no Active Directory

 原文  2013-02-07 21:34:16       c#/ asp.net/ single-sign-on/ office365

问题描述

We want to make a Single Sign On to Office365 from an ASP.NET web application that stores username and password in a database. 我们希望从一个将用户名和密码存储在数据库中的ASP.NET Web应用程序对Office365进行单一登录。 We do not have Active Directory accounts for these users. 我们没有这些用户的Active Directory帐户。

What I can read about SSO to office365 is that it only allows SSO with an on premise AD. 我对Office365的SSO的了解是,它仅允许带有本地AD的SSO。 But there should be some work arounds around this. 但是,应该对此进行一些解决。

Anyone who can give me a pointer on how to accomplish this. 任何可以为我提供指导的人。

1 个解决方案

解决方案1
 1 已采纳  2013-02-07 21:44:27

This is possible but difficult. 这是可能的,但是很困难。 We spent like a month to get it done. 我们花了一个月的时间来完成它。

What you have to do is to set up your own ws-federation security token service. 您要做的是设置自己的ws-federation安全令牌服务。 You develop it with WIF. 您使用WIF开发它。 It should expose the exact metadatw and claims that ADFS2.0 does. 它应该公开确切的metadatw并声称ADFS2.0确实可以。 This is one of the tricky parts as this is not documented anywhere and requires some reverse engineering on ADFS metadata. 这是棘手的部分之一,因为任何地方都没有记录,并且需要对ADFS元数据进行一些逆向工程。

When the sts is ready and functional, the O365 will not see a difference between your sts and thr ADFS and will happily authenticate users against your own sts. 当sts准备就绪并可以正常工作时,O365将不会看到您的sts和thr ADFS之间的差异,并且会根据您自己的sts来愉快地对用户进行身份验证。 And the sts can use any user backstore you want. 并且sts可以使用您想要的任何用户后台存储。

Yet another problem is the way you automate O365 to create user accounts. 另一个问题是O365自动创建用户帐户的方式。 This is simpler, as the powershell api is well documented and allows you to mimic the way the DirSync works so that you don't need DirSync and the AD. 这很简单,因为powershell api已有充分的文档记录,可让您模仿DirSync的工作方式,从而无需DirSync和AD。

This only scratches the surface and be prepared for a tough research. 这仅会刮伤表面,并准备进行艰巨的研究。 Any specific questions can be answered but I wouldn't expect a step-by-step tutorial from anyone. 任何特定的问题都可以回答,但我不希望任何人都提供分步教程。 At least we haven't found anything and we did all by ourselves. 至少我们什么都没找到,我们自己做。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 使用Office365应用的Asp.Net身份验证 - Asp.Net Identity authentication with Office365 app Office 365与Asp.net Web应用程序(MVC应用程序)集成吗? - Office 365 integration with Asp.net web application (MVC Application)? 带有 Asp.net Webforms 的 Azure Active Directory SSO - Azure Active Directory SSO with Asp.net Webforms 从 ASP.NET 应用程序连接到 Azure Active Directory - Connecting to Azure Active Directory from ASP.NET application 在C#.Net中从Office365获取约会 - Get appointment from Office365 in C#.Net 从Office 365单一登录到Asp.Net网站 - Single sign on from office 365 to Asp.Net website 如何在 asp.net C# 中使用启用双重身份验证的 office365 email 帐户发送 email? - How to send email using two factor authentication enabled office365 email account in asp.net C#? Asp.net MVC5 和 SMTP Office365 版本 4.5.2 出现异常,代码在版本 4.8 上运行良好 - Asp.net MVC5 with SMTP Office365 Exception at version 4.5.2, the code works well at version 4.8 有没有一种方法可以将Office365用作WebSite的身份验证源SSO? - Is there a way to use Office365 as the authentication source SSO for a WebSite? 使用MVVM的Office365 Windows应用程序 - Office365 Windows Application using MVVM
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM