对广告的混合模式身份验证和后备数据库，如果它失败，会员供应商 [英] mixed mode authentication against AD and fallback to the database if it fail with Membership providers

问题描述

我的用户将使用形式的身份验证对Active Directory或数据库。世界上没有Windows集成身份验证有!!

my user will use form authentication against Active Directory or database. Theres no Windows Integrated Authentication there!!

我要的是当用户提交表单的认证，它会尝试验证对Active Directory的用户，如果它失败了，尝试用数据库。

What i want is when the user submit the authentication form, it will try to validate the user against Active Directory and if it fail, try with the database.

我怎样才能做到这一点？我脑子里想的是要建立一个自定义的成员提供，这将封装逻辑，但林不知道如何下手。

How can i do that? What i had in mind was to build a custom membership provider that will encapsulate the logic but im not sure how to start.

有没有更好的主意吗？

推荐答案

的仅的方式你要能够实现，这是通过创建一个自定义的人员。

The only way you are going to be able to implement this is by creating a custom provider.

在一个完美的世界里，你可以简单地创建一个门面提供程序，然后利用合适的供应商，SQL或AD，必要时进行身份验证并返回的MembershipUser 到任何程度完整性你觉得必要的。

In a perfect world, you could simply create a facade provider and then leverage the appropriate provider, SQL or AD, as necessary, to authenticate and return MembershipUser to whatever degree of completeness you find necessary.

在现实世界中，这仍然是可能的，但您将需要通过一些跳铁圈：

In the real world, this is still possible but you will need to jump through a few hoops:

• 创建您的门面提供商，并把它的第一在提供商的成员的子元素元素，并在成员设置为defaultProvider 元素


• 正确地配置 SqlMembershipProvider的和<一href=\"http://msdn.microsoft.com/en-us/library/system.web.security.activedirectorymembershipprovider.aspx\"相对=nofollow> ActiveDirectoryMembershipProvider 和的门面的地方后，他们的。


• 从你的门面，从静态接入配置的提供者 Membership.Providers 集合根据需要执行的功能。

• create your facade provider and place it first in the providers child element of the membership element AND set it as defaultProvider in the membership element
• properly configure a SqlMembershipProvider and an ActiveDirectoryMembershipProvider and place them after your facade.
• from your facade, access the configured providers from the static Membership.Providers collection to perform the functions as needed.

您可能会发现，你需要的，如果你需要使用的角色重复这种模式，虽然它是适用的，实施将是一个有点复杂，超出了本文的范围。

You may find that you need to repeat this pattern if you need to use roles and while it is applicable, the implementation will be a bit more complex and beyond the scope of this post.

另外，完整的源$ C ​​$ C为SQL提供商可以发现<一个href=\"http://download.microsoft.com/download/a/b/3/ab3c284b-dc9a-473d-b7e3-33bacfcc8e98/ProviderToolkitSamples.msi\"相对=nofollow>这里并实现工业级的自定义提供一个很好的出发点和指导。

Alternately, full source code for the SQL providers can be found here and are a great starting point and guidance for implementing an industrial grade custom provider.

我会建议首先探索阻力最小（和最低劳动和头痛）的路径，并试图从头开始实现自定义的安全功能之前，秒杀外观。

I would suggest first exploring the path of least resistance (and least labor and headache) and spike a facade before attempting to implement a custom security feature from scratch.

祝你好运。

这篇关于对广告的混合模式身份验证和后备数据库，如果它失败，会员供应商的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！