将SSO添加到现有.NET应用程序 [英] Add SSO to existing .NET application
本文介绍了将SSO添加到现有.NET应用程序的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我们公司在SAAS设置中提供基于Web的应用程序(ASP.NET和SQL Server)。
我们的一位客户询问我们是否可以使用SSO他们的Active Directory,所以老板问我是否可以实施上面提到的SSO ...
我们的应用程序有很多客户很乐意按原样使用它做额外的登录工作,所以我不想以任何方式打扰他们的经历。
我的问题是:它是否可行;什么是最好的方法?
提前谢谢...
Our company offers a web based application (ASP.NET & SQL Server) in a SAAS setting.
One of our clients asked if we can implement SSO using their Active Directory, so the boss asked me if I can implement the above mentioned SSO...
Our app has many clients who are happy to use it as is and do the extra work of logging in, so I do not want to disturb their experience in any way.
My questions are: is it doable; what is the best approach?
Thank you in advance...
推荐答案
是的,这是可行,但有很多方法,这不是一个简单的任务。
首先要确定的是客户如何向您提交用户信息。简单地传递一个SID或域名和用户名是不够的。您可能会遇到重复的用户和SID更改太频繁。您最好的选择是使用他们的电子邮件地址或Active Directory中的GUID。
其次,您需要选择SSO身份验证模型。您可以创建自己的模型以集成到您的应用程序中。我建议不要这样做并研究SSO设计模式。以下是帮助您入门的一个示例:
http:// www。 owasp.org.cn/OWASP_Conference/2011/10.pdf [ ^ ]
下一步是确定如何修改现有登录流程,以免影响您的顾客。我不能真正帮助你,因为我不知道你的应用程序是如何构建的。
我希望这有帮助!
Yes, this is doable, but there are many approaches and this is not a simple task.
First thing you would need to determine is how they customer will submit to you their user information. Simply passing you a SID or a domain name and user name won't be enough. You will likely run into duplicate users and SIDs change too frequently. Your best bet is to go with their email address or the GUID from Active Directory.
Second, you need to choose an SSO authentication model. You could create your own model to integrate into your application. I would suggest not doing this and research SSO design patterns. Here is one example to help you get started:
http://www.owasp.org.cn/OWASP_Conference/2011/10.pdf[^]
Your next step would be to determine how you want to modify the existing login process so it doesn't affect your customers. I can't really help you there as I don't know how your application is built.
I hope this helps!
这篇关于将SSO添加到现有.NET应用程序的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
