使用本地ADFS进行Angular 2认证 [英] Angular 2 Authenticatication with on-prem ADFS

问题描述

我们已决定使用 Angular 2 作为我们新项目的框架。在尝试处理事物的安全性方面，我在 本地 ADFS 的身份验证中找不到很多东西。 Azure AD 可以解决很多问题，但这不是我们的选择。

有谁知道能够设置 Angular 2 成功针对 ADFS 进行身份验证？

We have decided to use Angular 2 as the framework for our new project. In trying to deal with the security aspect of things, I cannot find much on authentication with on-prem ADFS. There is plenty out there dealing with Azure AD, but that is not an option for us.
Does anyone know of a way to be able to setup Angular 2 to successfully authenticate against ADFS?

推荐答案

您可以使用 ng2-adal npm库，您可以实现它与为Azure AD实施的方式相同，但是您可以使用以下ADFS值填充 secret-service.js 的值：

You can implement this successfully using the ng2-adal npm library, you can implement it the same way it is implemented for Azure AD, but instead you fill the values of the secret-service.js with the ADFS values as following:

import { Injectable } from '@angular/core';

@Injectable()
export class AdfsSecretService {
  private endpoints: any = {
    'http://{your-website-url}/':
    'http:/{the-service-provider-identifier}', // as registered in ADFS
  };

  public get adalConfig(): any {
    return {
        instance: 'https://{your.adfs.site}/',
        tenant: 'adfs',
        clientId: '{adfs-client-guid}',
        redirectUri: window.location.origin + '/',
        postLogoutRedirectUri: window.location.origin + '/',
        endpoints: this.endpoints
    };
  }
}

您可以在库的自述文件部分。

you can find a link to an example in the library's readme section.

在 ADFS 端，您需要在 ADFS 下将应用注册为应用组，有关更多信息，请参考此技术网文章

On the ADFS side you need to register your apps under ADFS as an Application Group, for more info refer to this technet article

这篇关于使用本地ADFS进行Angular 2认证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！