自定义Azure MFA SDK API替代方案 [英] Custom Azure MFA SDK API alternatives
问题描述
你好
我们的Web门户基于Java框架构建,当前使用Azure进行语音身份验证.当前实现使用带有MFA身份验证提供程序的Azure多重身份验证软件开发工具包(SDK)Java版本. 我们已经使用Azure订阅创建了MFA身份验证提供程序.同样,我们当前在门户网站上执行的MFA也不使用MFA服务器和AD.我们在门户数据库中维护用户. 根据Microsoft的规定,自2018年11月14日起,该SDK将不再可用. 请分享符合我们要求的替代实现.
Our web portal built on java frameworks currently using Azure for voice authentication. The current implementation uses Azure Multi-Factor Authentication Software Development Kit (SDK) Java version with MFA Auth Provider. We have created MFA Auth Provider with Azure Subscription. Also the our current MFA implementation at portal do not use MFA server and AD. We maintain users in our portal database. As per Microsoft This SDK will no longer be available after November 14, 2018. Please share the alternate implementations which meets to our requirement.
推荐答案
Taken from my previous post @ https://social.msdn.microsoft.com/Forums/en-US/183b76dd-3af2-4c36-a0e1-506fdcd0c14f/azure-mfa-sdk?forum=WindowsAzureAD
1.使用MFA服务器及其Web服务SDK.您可以将用户从AD或LDAP导入到MFA Server中,并使用该用户存储MFA注册数据.用户可以通过用户门户进行注册,并且所有MFA方法都可用,包括移动应用程序.
1. Use MFA Server and its Web Service SDK. You can import users from AD or LDAP into MFA Server and use that to store the MFA registration data. Users can register via the User Portal and all MFA methods are available, including the mobile app.
2.将您的应用程序与Azure AD集成在一起,以便用户可以使用其Azure AD凭据登录并与O365和其他SaaS应用程序一起获得SSO.您可以要求MFA和/或在登录过程中使用条件访问.
2. Integrate your application with Azure AD so that users can sign in with their Azure AD credentials and get SSO along with O365 and other SaaS applications. You can require MFA and/or use conditional access as part of the sign-in.
3.通过Azure AD应用程序代理发布Web应用程序并启用预身份验证,以便用户可以在登录到应用程序之前使用Azure AD凭据登录(或使用联盟的IdP登录)并执行MFA(或满足条件访问策略).
3. Publish the web app via Azure AD App Proxy and enable pre-authentication so that users can sign in with Azure AD credentials (or sign in with your federated IdP) and perform MFA (or satisfy conditional access policy) before being signed into the application.
4.如果应用程序面向消费者,请实施Azure AD B2C并将其与应用程序集成.使用B2C作为身份管理系统,并适当地执行登录,注册和MFA旅程.
4. If the application is consumer-facing, implement Azure AD B2C and integrate the app with it. use B2C as the identity management system and implement sign-in, sign-up and MFA journeys as appropriate.
--------------------------------------------------- -------------------------------------------------- ----------------------------------
请点击标记为答案"在可以帮助您并将其投票为有帮助的帖子上,这可能会对其他社区成员有所帮助.
-----------------------------------------------------------------------------------------------------------------------------------
Do click on "Mark as Answer" on the post that helps you and vote it as helpful, this can be beneficial to other community members.
这篇关于自定义Azure MFA SDK API替代方案的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
