SAML与web api中的oauth [英] SAML with oauth in web api
问题描述
嗨每一个
我正在开发web api项目,因为我实现了OAuth安全性,但现在客户想要oauth的saml所以我没有一个想法如何实现saml我搜索了很多网站,但我没有得到代码的想法。以及如何使用我们的应用程序配置IDP和SP请逐步举例说明如何实现它。
我尝试过:
i已经尝试了很多站点中的代码以及那些网站上提到的工具。
也尝试了代码项目示例但是我不知道IDP的配置一个SP
有服务请任何人可以帮我从这个出来
Hi Every one
I am developing the web api project in that i implemented the OAuth Security but now the client want saml with oauth so i don't have an idea how to implement saml i searched lot of sites but i did not get the idea of code. and also how to configure IDP and SP with our app please give the example step by step how to implement it.
What I have tried:
i have tried the code in lot of sites and the tools which are mentioned on that sites.
also tried the code project example but i don't know the configuration of IDP An SP
with service please any one can help me to come out from this one
推荐答案
SAML只是一个标准,它完全在你手中实现它,你可以用任何方式这样做。在这种情况下,您需要使用的是用户的电子邮件地址,而不是您的应用程序ID和秘密令牌。您将拥有一种基于自定义握手在两个或更多组织之间进行通信的机制。在OAuth中,您使用了该应用程序,然后要求用户对应用程序进行身份验证,但在此处您正在进行相反的操作 - 您希望创建和共享用户信息。完整的想法在 SAML 的使用部分中得到了公正的解释[ ^ ]。
另请阅读认证 - SAML与OAuth联合登录 - Stack Overflow [ ^ ]
既然你在谈论ASP.NET Web API,那么只需使用ASP.NET Identity,它就拥有了大部分内容。已经引入的功能。您还可以将其与Active Directory集成以供组织内部使用。
SAML is just a standard, it entirely is in your hands to implement it, you can use any way to do so. What you need to use in this case is email address of the user, instead of your application ID and a secret token. You will have a mechanism to communicate between two or more organizations based on a self-defined handshake. In OAuth you used the application, and then asked user to authenticate the application, but here you are doing opposite — you want to create and share user information. The complete idea is explained fairly in the Use section of SAML[^].
Also read, authentication - SAML vs federated login with OAuth - Stack Overflow[^]
Since you are talking about ASP.NET Web API, just use ASP.NET Identity, it has most of the features already introduced in it. You can also integrate it with Active Directory for organization's internal usage.
这篇关于SAML与web api中的oauth的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
