如何在一个站点上对用户进行身份验证并将凭据传递到另一站点?(Windows身份验证,ASP.Net) [英] How to authenticate users on one site and pass credentials to other site? ( Windows Authentication, ASP.Net)
问题描述
我们有多个运行Windows身份验证的Web应用程序.
用户使用Domain \ Username登录到网站,这与他们在本地计算机上使用的DomainOther \ UsernameOther不同.
考虑到我们有两个站点One.xyz.com和Two.xyz.com都运行Windows身份验证(并且用户使用Domain \ Username登录到这两个站点),是否可以使用户从One.xyz.com上的页面重定向到曾经在One.xyz.com上输入凭证的情况下,Two.xyz.com的主页没有再次输入?
是否可以使用ASP.Net来做到这一点?
We have multiple web-applications running Windows authentication.
Users log on to the websites using Domain\Username which is different from the DomainOther\UsernameOther that they use on their local computers.
Considering we have 2 sites One.xyz.com and Two.xyz.com both running Windows Authentication (and user logs in to both using Domain\Username), is it possible to have theuser redirect from a page on One.xyz.com to the homepage of Two.xyz.com without entering his credentials again once he has already entered them on One.xyz.com?
Is it possible to do this using ASP.Net?
亲切的问候,
推荐答案
您正在寻找的被称为单点登录",并且有各种各样的商业产品可以满足您的需求.他们中的许多人都通过服务器变量通过HTTPS传递凭据,以便用户在URL中看不到凭据.我曾与那些想自己动手"并寻求其他方法(引用第三方服务器的会话密钥,加密且对时间敏感的URL字符串等)的公司合作.
What you are looking for is called Single Sign-On and there are a broad variety of commercial products capable of supporting your needs. Many of them pass credentials via server variables over HTTPS so that the users doesn't see the credentials in the URL. I've worked with companies that wanted to "roll their own" and who went for other approaches (session keys that reference a third server, encrypted and time-sensitive URL strings, etc.).
要开始使用,您将要阅读一本 Wikipedia条目登录(它也与SAML链接).您可能需要访问一些比较流行的商业供应商的网站,例如 Passlogix 和 Imprivata 也是如此(不过有数十种,因此请不要将此列表视为详尽无遗甚至特别推荐-只是很受欢迎).
To get started, you'll want to read the Wikipedia entry on single sign-on (it links with SAML as well). You may want to visit some of the more popular commercial vendors' websites such as Passlogix and Imprivata as well (there are dozens, though, so don't take this list as exhaustive or even particularly recommended - just popular).
这篇关于如何在一个站点上对用户进行身份验证并将凭据传递到另一站点?(Windows身份验证,ASP.Net)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
