WCF，声明，ADFS 3.0 [英] WCF, Claims, ADFS 3.0

问题描述

我试图了解使用WCF，Claims和ADFS 3.0开发框架所需要的内容。内部用户将根据Active Directory进行身份验证，外部用户将根据SQL Server表进行身份验证，并且授权存储在实现组和权限的数据库表中。我正在使用WCF创建API，而不是Web Api或OWIN。

I'm trying to understand what I need to develop a framework using WCF, Claims and ADFS 3.0. The internal users will authenticate against Active Directory, External User authenticate against SQL Server table and the authorization is stored in database tables implementing groups and permission. I am creating a API using WCF not Web Api or OWIN.

我对使用Identity Server或第三方产品不感兴趣，我只想知道如何创建自定义安全令牌服务以从我的会员表中读取并设置

I'm not interested in using Identity Server or 3rd party products, I just want to know how I create a Custom Security Token Service to read from my membership table and set claims via my Groups and Permissions table.

我找不到任何与此相关的信息。在Visual Studio 2015中没有身份和访问控件，使用WCF似乎什么也没有，仅使用Web Api，OWIN和MVC？

I can find no information on any of this. There is no Identity and Access control in Visual Studio 2015 and there seems to be nothing using WCF, only using Web Api, OWIN and MVC?

推荐答案

本文似乎为您提供了一个很好的开始， http://southworks.com/blog/2007/03/11/the-holly-grail-企业安全性/

This article seems to have a good start for you, http://southworks.com/blog/2007/03/11/the-holly-grail-of-enterprise-soa-security/

这是我在MVC应用程序中使用的代码（不是WCF，但很多需要

and here is the code that I use in my MVC app (not WCF, but many of the things that need to be done are the same)

var claims = new List<Claim>()
            {
                new Claim(ClaimTypes.Name, result.UserName),
                new Claim("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier", result.Email),
                new Claim("http://schemas.microsoft.com/accesscontrolservice/2010/07/claims/identityprovider",
                    result.Email),
                new Claim("UserId", result.Id.ToString(CultureInfo.InvariantCulture)),
                new Claim("UserName", result.UserName),
                new Claim("FirstName", result.FirstName)
            };

        //load claims from database here
        claims.AddRange(result.Roles.Select(role => new Claim(ClaimTypes.Role, role.Name)));

        var id = new ClaimsIdentity(claims, "Forms");
        var cp = new ClaimsPrincipal(id);
        var token = new SessionSecurityToken(cp)
        {
            IsPersistent = false

        };

        Session["authToken"] = token;

        var sam = FederatedAuthentication.SessionAuthenticationModule;
        sam.WriteSessionTokenToCookie(token);

这篇关于WCF，声明，ADFS 3.0的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！