LDAP如何在ASP.NET Boilerplate中工作? [英] How does LDAP work in ASP.NET Boilerplate?

查看：120 发布时间：2020/4/30 8:58:04 authentication configuration active-directory ldap aspnetboilerplate

本文介绍了LDAP如何在ASP.NET Boilerplate中工作?的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！

问题描述

我在文档中看不到有关如何操作的任何信息:

I don't see anything in the documentation on how to:

连接到LDAP和
根据广告组设置用于用户访问的控件.

推荐答案

LDAP/Active Directory

LdapAuthenticationSource是外部身份验证的一种实现，它使用户可以使用其LDAP(活动目录)用户名和密码登录.

LdapAuthenticationSource is an implementation of external authentication to make users login with their LDAP (active directory) user name and password.

如果要使用LDAP身份验证，我们首先将Abp.Zero.Ldap nuget包添加到我们的项目(通常添加到Core(域)项目).然后，我们应该为我们的应用程序扩展LdapAuthenticationSource，如下所示:

If we want to use LDAP authentication, we first add Abp.Zero.Ldap nuget package to our project (generally to Core (domain) project). Then we should extend LdapAuthenticationSource for our application as shown below:

public class MyLdapAuthenticationSource : LdapAuthenticationSource<Tenant, User>
{
    public MyLdapAuthenticationSource(ILdapSettings settings, IAbpZeroLdapModuleConfig ldapModuleConfig)
        : base(settings, ldapModuleConfig)
    {
    }
}

最后，我们应该将模块依赖项设置为AbpZeroLdapModule并使用上面创建的身份验证源启用LDAP:

Lastly, we should set a module dependency to AbpZeroLdapModule and enable LDAP with the auth source created above:

[DependsOn(typeof(AbpZeroLdapModule))]
public class MyApplicationCoreModule : AbpModule
{
    public override void PreInitialize()
    {
        Configuration.Modules.ZeroLdap().Enable(typeof (MyLdapAuthenticationSource));    
    }

    ...
}

这些步骤之后，将为您的应用程序启用LDAP模块.但是默认情况下不启用LDAP身份验证.我们可以使用设置启用它. 设置

After these steps, LDAP module will be enabled for your application. But LDAP auth is not enabled by default. We can enable it using settings. Settings

LdapSettingNames类定义用于设置名称的常量.您可以在更改设置(或获取设置)时使用这些常量名称. LDAP设置是针对每个租户的(对于多租户应用程序).因此，不同的租户具有不同的设置(请参阅github上的设置定义).

LdapSettingNames class defines constants for setting names. You can use these constant names while changing settings (or getting settings). LDAP settings are per tenant (for multi-tenant applications). So, different tenants have different settings (see setting definitions on github).

正如您在MyLdapAuthenticationSource构造函数中看到的那样，LdapAuthenticationSource期望ILdapSettings作为构造函数参数.此接口用于获取LDAP设置(例如域，用户名和密码)以连接到Active Directory.默认实现(LdapSettings类)从设置管理器获取这些设置.

As you can see in the MyLdapAuthenticationSource constructor, LdapAuthenticationSource expects ILdapSettings as a constructor argument. This interface is used to get LDAP settings like domain, user name and password to connect to Active Directory. Default implementation (LdapSettings class) gets these settings from the setting manager.

如果您与设置管理器一起工作，则没问题.您可以使用设置管理器API更改LDAP设置.如果需要，可以将初始/种子数据添加到数据库以默认情况下启用LDAP身份验证.

If you work with Setting manager, then no problem. You can change LDAP settings using setting manager API. If you want, you can add an initial/seed data to database to enable LDAP auth by default.

注意:如果您未定义域，用户名和密码，则当您的应用程序在具有适当特权的域中运行时，LDAP身份验证适用于当前域. 自定义设置

Note: If you don't define domain, username and password, LDAP authentication works for current domain if your application runs in a domain with appropriate privileges. Custom Settings

如果要定义另一个设置源，则可以实现一个自定义的ILdapSettings类，如下所示:

If you want to define another setting source, you can implement a custom ILdapSettings class as shown below:

public class MyLdapSettings : ILdapSettings
{
    public async Task<bool> GetIsEnabled(int? tenantId)
    {
        return true;
    }

    public async Task<ContextType> GetContextType(int? tenantId)
    {
        return ContextType.Domain;
    }

    public async Task<string> GetContainer(int? tenantId)
    {
        return null;
    }

    public async Task<string> GetDomain(int? tenantId)
    {
        return null;
    }

    public async Task<string> GetUserName(int? tenantId)
    {
        return null;
    }

    public async Task<string> GetPassword(int? tenantId)
    {
        return null;
    }
}

并在模块的PreInitialize中将其注册到IOC:

And register it to IOC in PreInitialize of your module:

[DependsOn(typeof(AbpZeroLdapModule))]
public class MyApplicationCoreModule : AbpModule
{
    public override void PreInitialize()
    {
        IocManager.Register<ILdapSettings, MyLdapSettings>(); //change default setting source
        Configuration.Modules.ZeroLdap().Enable(typeof (MyLdapAuthenticationSource));
    }

    ...
}

然后，您可以从任何其他来源获取LDAP设置.

Then you can get LDAP settings from any other source.

https://aspnetboilerplate.com/Pages/Documents/Zero /User-Management#ldapactive-directory

这篇关于LDAP如何在ASP.NET Boilerplate中工作?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！

查看全文

LDAP如何在ASP.NET Boilerplate中工作? [英] How does LDAP work in ASP.NET Boilerplate?

问题描述

推荐答案

相关文章

其他开发最新文章

热门教程

热门工具

登录关闭

LDAP如何在ASP.NET Boilerplate中工作? [英] How does LDAP work in ASP.NET Boilerplate?

问题描述

推荐答案

相关文章

其他开发最新文章

热门教程

热门工具

登录 关闭

登录关闭