使用 LDAP 的 IIS 基本身份验证 [英] IIS basic authentication using LDAP
问题描述
我有一个需要通过 IIS 使用 HTTP 身份验证的 Web 服务.唯一的障碍是用户的凭据在 LDAP 中.有没有办法将 IIS 配置为使用 LDAP 凭据进行基本身份验证?我以为我可以将默认域或领域设置为 LDAP 连接字符串的一部分,但没有任何运气.谢谢,
I have a web service which needs to use HTTP authentication with IIS. The only hurdle is that the user's credentials are in LDAP. Is there a way to configure IIS to use LDAP credentials for it's basic authentication? I thought I could set the default domain or realm to part of the LDAP connection string, but haven't had any luck. Thanks,
-会
推荐答案
我会做什么(我假设您使用的是第三方 LDAP,并且没有内置的方法来执行此操作;我尚未检查)已设置 MADAM 并实现自定义 IUserSecurityAuthority 通过扩展 Madam.UserSecurityAuthorityBase 来检查 LDAP 的凭据.
What I would do (I'm assuming you're using a third party LDAP, and that there isn't a built in way of doing this; I haven't checked) is set up MADAM and implement a custom IUserSecurityAuthority by extending Madam.UserSecurityAuthorityBase to check the credentials against LDAP.
您所要做的就是重写一些从 LDAP 进行身份验证的方法.如果您碰巧使用 LDAP Membership Provider 进行表单身份验证,则可以跳过单独实现它并使用 MADAM 中包含的示例 MembershipSecurityAuthority.
All you will have to do is override a handful of methods to authenticate from LDAP. If you happen to be using an LDAP Membership Provider for forms authentication, you can skip implementing that separately and use the example MembershipSecurityAuthority included with MADAM.
此处摘自该示例文件:
protected override bool ValidateUser(string userName, string password)
{
return MembershipProvider.ValidateUser(userName, password);
}
这篇关于使用 LDAP 的 IIS 基本身份验证的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
