ASP.NET多个联合身份提供商 [英] ASP.NET multiple federated identity providers
问题描述
我开发一个ASP.NET应用程序。我已经成功添加了STS参考了独立的AD FS 2.0服务器,这样我就可以对第三方的Active Directory进行身份验证。问题是,我有一个以上的客户,谁希望能够对他们自己的Active Directory进行身份验证。看来我只能添加一个STS参考项目。如何将多个身份提供者添加到ASP.NET应用程序,然后选择编程我想将浏览器重定向到身份验证哪个供应商?谢谢!
I am developing an ASP.NET application. I have successfully added an STS reference to a stand-alone AD FS 2.0 server, so I can authenticate against a 3rd party's active directory. The problem is that I have more than one client who wishes to be able to authenticate against their own active directory. It seems that I can only add one STS reference to a project. How do I add multiple identity providers to an ASP.NET application and then programatically choose which provider I want to redirect the browser to for authentication? Thanks!
拉尔夫
推荐答案
这是不正常的联合模式。
That's not the normal federation pattern.
您正常绑定你的应用程序一个STS(说STS1)使用FedUtil,然后在STS水平与其他STS(说STS2和STS3)联合。然后,当用户访问应用程序,WIF重定向到STS1,你会得到一个家庭领域发现屏幕,询问谁你想在反对(STS1 / STS2 / STS3)。
You normally "bind" your application to one STS (say STS1) using FedUtil and then at the STS level federate with other STS (say STS2 and STS3). Then when the user accesses the application, WIF redirects to STS1 and you get a "Home Realm Discovery" screen that asks "Who would you like at authenticate against (STS1 / STS2 / STS3).
您的问题并不表示你是否已经知道这一点,还是你想知道如何对多种STS进行身份验证。
Your question doesn't indicate whether you already knew this or whether you are wondering how to authenticate against multiple STS.
更新:您可以使用VS创建自定义的STS - 不知道,如果是人力资源开发出了盒。你需要满足哪些认证店?为什么你认为你需要一个自定义的STS?您可以使用ADFS所有的多个实例,联合对对方或PingIdentity或OpenAM联合ADFS ......看一看 IdentityServer 。这是一个自定义的STS这是用一个非常良好的基础。
Update: You can use VS to create a custom STS - not sure if HRD is out-the-box. What other authentication stores do you need to cater for? Why do you think you need a custom STS? You can use multiple instances of ADFS all federated against each other or federate ADFS with PingIdentity or OpenAM ... Have a look at IdentityServer. That's a custom STS which is a very good base to use.
更新2 :是的 - 你是正确的。
Update 2: Yes - you are correct.
这篇关于ASP.NET多个联合身份提供商的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
