WS 联合:SSO 是 WS 联合规范的一部分吗?
WS Federation: Is SSO apart of the WS Federation specification?
当使用被动客户端(例如 Web 浏览器)并使用带有 STS(例如 ADFS)的 WS Federation 时,将实现对依赖方的 SSO。这是 WS Federation 规范的一部分(即,当使用被动客户端时,SSO 将通过 WS Federation 实现)还是 ADFS 的实现细节(即,ADFS 设置一个 cookie,因此您只需要向 ADFS 验证一次。 .只是因为微软开发人员认为它会改善用户体验)?
许多其他产品也支持该标准。
https://en.wikipedia.org/wiki/WS-Federation_Passive_Requestor_Profile
http://janbernhardt.blogspot.com/2014/12/understanding-ws-federation-passive.html
WS-Federation Passive Requestor Profile is a Web Services specification - intended to work with the WS-Federation specification - which defines how identity, authentication and authorization mechanisms work across trust realms. The specification deals specifically with how applications, such as web browsers, make requests using these mechanisms. In this context, the web-browser is known as a "passive requestor." By way of contrast, WS-Federation Active Requestor Profile deals with "active requestors" such as SOAP-enabled applications. WS-Federation Passive Requestor Profile was created by IBM, BEA Systems, Microsoft, VeriSign, and RSA Security.[1]
当使用被动客户端(例如 Web 浏览器)并使用带有 STS(例如 ADFS)的 WS Federation 时,将实现对依赖方的 SSO。这是 WS Federation 规范的一部分(即,当使用被动客户端时,SSO 将通过 WS Federation 实现)还是 ADFS 的实现细节(即,ADFS 设置一个 cookie,因此您只需要向 ADFS 验证一次。 .只是因为微软开发人员认为它会改善用户体验)?
许多其他产品也支持该标准。
https://en.wikipedia.org/wiki/WS-Federation_Passive_Requestor_Profile
http://janbernhardt.blogspot.com/2014/12/understanding-ws-federation-passive.html
WS-Federation Passive Requestor Profile is a Web Services specification - intended to work with the WS-Federation specification - which defines how identity, authentication and authorization mechanisms work across trust realms. The specification deals specifically with how applications, such as web browsers, make requests using these mechanisms. In this context, the web-browser is known as a "passive requestor." By way of contrast, WS-Federation Active Requestor Profile deals with "active requestors" such as SOAP-enabled applications. WS-Federation Passive Requestor Profile was created by IBM, BEA Systems, Microsoft, VeriSign, and RSA Security.[1]