结合Forms身份验证和CBA [英] Combining Forms authentication and CBA
问题描述
我急!我即将开始实施CBA。我的应用程序是一个作为SaaS提供的B2B购买系统。 ""与多个合作伙伴的联合身份"方案我的P& P书籍基于声明的身份和访问控制指南适用
,但有一个例外,我还需要支持小客户的表单身份验证。设置< authentication mode =" None" />我看来不是一个选项,因为我的应用程序只会期望FAM身份验证。
I´m just about to begin implementation of CBA. My Application is a B2B purchasing system offered as a SaaS. The "Federated identity with multiple partners" scenario i the P&P book A Guide to Claims-Based Identity and Access Control applies well with one exception, I need to still support Forms authentication for small customers. Setting <authentication mode="None" /> is not an option as I see it because the my app will only expect FAM authentication.
那么,是否可以将表单和CBA结合起来并提供给我的客户?
So, is it possible to combine Forms and CBA and offer both to my customers?
推荐答案
也许您可以在目前拥有的Identity Store上实现自己的IP-STS?然后,您的资源STS应该信任该IP-STS和您所有客户的IP-STS。然后应用程序只需要处理来自资源STS的令牌。
Maybe you can implement your own IP-STS on top of the Identity Store you currently have? Your Resource STS should then trust that IP-STS and all of your customer's IP-STS'es. The application then only needs to handle tokens from the Resource STS.
我认为混合两种身份验证模式会有问题,因为WIF使用的模块。如果你在代码中为CBA和Forms执行所有身份验证重定向,也许你可以逃脱它。 AllowPassiveRedirect
肯定不会在这种情况下起作用。
Mixing the two authentication modes is going to be problematic I think, because of the modules that are used by WIF. Maybe you can get away with it if you do all the authentication redirects, for both CBA and Forms, in your code. AllowPassiveRedirect will definately not work in this scenario.
这篇关于结合Forms身份验证和CBA的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
