使用Geneva Server进行自定义验证 [英] Custom Authentication using Geneva Server

问题描述

我一直在评估Geneva Server / Framework，以支持内部和外部应用程序用户身份验证的要求。我的内部用户对Active Directory进行身份验证，而Geneva Server则很好地覆盖了这一点。我的外部用户使用各种方法对自定义数据存储进行身份验证，例用户名/密码/令人难忘的数据。如果不使用框架编写自定义STS，我无法看到适应外部用户的方法。假设日内瓦服务器绑定到Active Directory进行身份验证，或者我可以使用自定义身份验证存储和关联的登录页面扩展我的Geneva Server实例，我是否正确？

我意识到Geneva Server支持自定义属性存储，但我需要在访问属性存储之前进行身份验证。

I have been evaluating Geneva Server/Framework against a requirement to support authentication of both internal and external application users.  My internal users authenticate against Active Directory and Geneva Server covers this nicely.  My external users authenticate against custom data stores using various methods, e.g. username/password/memorable data.  I cannot see a way of accommodating my external users without writing a custom STS using the framework.  Am I correct in assuming that Geneva Server is bound to Active Directory for authentication or can I extend my Geneva Server instance with a custom authentication store and associated login pages?

NB I realise that Geneva Server supports a custom attribute store but I need to authenticate before I can access the attribute store.

推荐答案

Ian，

您只能使用Active Directory作为使用Geneva Server验证存储（ADFS 2.0）。如果要继续使用自定义数据存储，则需要使用Geneva Framework（WIF）来创建自定义STS。另一个选项（取决于您的环境）是使用Idm产品（如ILM 2007）将您的外部用户从自定义身份验证存储库同步到Active Directory。这使您可以继续使用日内瓦服务器的开箱即用功能。

标记

Ian,

You can only use Active Directory as an Authentication Store with Geneva Server(ADFS 2.0). If you want to continue using your custom data stores you would need to use the Geneva Framework(WIF) to create a custom STS. Another option, depending on your environment is to use an Idm product(like ILM 2007) to synchronize your external users from your custom auth stores to Active Directory. This allows you to continue to use the out of the box functionality of Geneva server.

Mark

这篇关于使用Geneva Server进行自定义验证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！