使用ADFS重新验证？ [英] Reauthenticate using ADFS?

问题描述

我的任务是编写一个使用ADFS进行身份验证的asp.net Web应用程序。但是，在应用程序的某一阶段，用户将不得不重新进行身份验证并再次提供其用户名和密码。

I am being tasked with writing an asp.net web app that will use ADFS for authentication. However, at one stage in the application users will have to re-authenticate and supply their username and password again.

可以使用ADFS做到吗？

Can this be done with ADFS?

推荐答案

ASP.NET应用程序可以是STS的主动客户端，也可以是被动客户端。当您需要加强时，请提供一些输入字段，并要求用户提供有关其身份的其他证明。使用 WSTrustChannelFactory ，将此信息（可能还有原始令牌）传递给STS获得一个新的令牌，该令牌更新鲜，并且包含足以授权更高价值交易的声明。

The ASP.NET app can be an active client to the STS as well as a passive one. When you need to step up, provide some input fields and ask the user for additional proof of who they are. Using the WSTrustChannelFactory, pass this info (and possibly the original token) to the STS to get a new token that is fresher and contains claims that are sufficient to authorize the the higher value transaction.

这篇关于使用ADFS重新验证？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！