如何在ASP.NET中使用AD身份验证? [英] How do I use AD Authentication in ASP.NET?

问题描述

我想知道如何在我的项目的Account/Login.aspx页中使用Active Directory，但是我无法在其中找到很多资源.我正在使用VS.Net 2013 Asp.net C#4.0.我以前从来没有做过此事，我只是想知道您如何在组级别访问Active Directory，因此只有该组中的人员才能访问该应用程序.请任何人提供链接或任何有用的信息.我真的很坚持这一点，我需要能够进行这项工作.

I want to know how to use Active Directory in the Account/Login.aspx page in my project but I cannot find a lot of resources out there for this. I am using VS.Net 2013 Asp.net C# 4.0. I have never had to do this before and I was just wondering how you access Active Directory and on a group level so only the person(s) that are in this group have access to the application. Please anyone with a link or any information that would be great. I am really stuck on this and I need to be able to have this working.

推荐答案

我使用活动目录并进行身份验证.您可以将其与默认的Account/Login.aspx一起使用.这些是我用来设置它的链接.

I use active directory and forms authentication. You can use this with the default Account/Login.aspx. These are the links that I have used to set it up.

此链接将向您展示如何使用Active Directory登录. 此链接将向您展示如何设置ADRoleProvider

This link will show you how to log in with Active Directory. This link will show you how to set up an ADRoleProvider.

我更喜欢同时使用它们，因为第一个链接将向您展示如何获取已登录用户的AD组，但是它将它们保存到身份验证cookie中.您必须解密此Cookie才能查看广告用户所在的组...这可能很麻烦.

I prefer to use them both because the first link will show you how to get the AD groups of the logged in user, but it saves them to an authentication cookie. You will have to decrypt this cookie to see which group the ad user is in... this can be a hassle.

第二个链接将显示您必须使用角色，这要简单得多.

The 2nd link will show you have to use roles, which is much simpler.

您可以有一个简单的if语句，例如..

You can have a simple if statement like..

if(User.IsUserInRole("SoftDev"))
{
    //do something
}  

或者您可以像这样在网络配置中使用角色.

or you use the roles in the web config like this..

<location path="Account/Whatever.aspx">
    <system.web>
        <authorization>
            <allow roles="SoftDev"/>
            <deny users="*" />
        </authorization>
    </system.web>
</location>

这将使除"SoftDev"组之外的所有人都无法访问该页面

this will deny everyone to that page besides the group "SoftDev"

如果您使用的是表单身份验证，则这两个链接均是必需的，因为这里还有其他有关使用Windows身份验证的文章.我希望这有帮助.

Both these links are meant if you are using Forms Authentication as there are other articles out there for using Windows Authentication. I hope this helps.

这篇关于如何在ASP.NET中使用AD身份验证?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！