通过 WIFI 在 MVC 应用程序之间共享身份验证
Share Authentication between MVC applications through WIF
我有两个网站,即 A 和 B,其中 A 和 B 都有各自的用户存储。如果用户是 A 的认证用户,它应该能够访问 B 的所有授权页面,反之亦然。
有人可以帮助我如何使用 Windows 身份基础来做到这一点。
谢谢
阅读 MSDN 的主要文章,它完整地描述了 What is Windows Identity Foundation 说:
Windows® Identity Foundation (WIF) is a framework for building
identity-aware applications. The framework abstracts the WS-Trust and
WS-Federation protocols and presents developers with APIs for building
security token services and claims-aware applications. Applications
can use WIF to process tokens issued from security token services and
make identity-based decisions at the web application or web service.
因此,对于跨多个应用程序的身份验证,您应该较少的问题。
一个很好的起点 是 MSDN,它是 How To: Build Claims-Aware ASP.NET MVC Web Application Using WIF
要了解其工作原理,请参阅this helpful MSDN blog。
WIF + MVC 的另一个示例在 Federated Identity with Multiple Partners 中提供,我建议您阅读第一章以了解所有基本原理。
更新:围绕STS
根据MSDN:
A security token service (STS) is the service component that builds,
signs, and issues security tokens according to the WS-Trust and
WS-Federation protocols. There’s a lot of work that goes into
implementing these protocols, but WIF does all of this work for you,
making it feasible for someone who isn’t an expert in the protocols to
get an STS up and running with very little effort. You can use a cloud
STS such as a LiveID STS, a pre-built STS such as Active Directory®
Federation Services (AD FS) 2.0, or, if you want to issue custom
tokens or provide custom authentication or authorization, you can
build your own custom STS using WIF. WIF makes it easy to build your
own STS. For more information, see Building an STS.
以下链接可能对 STS 有帮助:
我有两个网站,即 A 和 B,其中 A 和 B 都有各自的用户存储。如果用户是 A 的认证用户,它应该能够访问 B 的所有授权页面,反之亦然。
有人可以帮助我如何使用 Windows 身份基础来做到这一点。 谢谢
阅读 MSDN 的主要文章,它完整地描述了 What is Windows Identity Foundation 说:
Windows® Identity Foundation (WIF) is a framework for building identity-aware applications. The framework abstracts the WS-Trust and WS-Federation protocols and presents developers with APIs for building security token services and claims-aware applications. Applications can use WIF to process tokens issued from security token services and make identity-based decisions at the web application or web service.
因此,对于跨多个应用程序的身份验证,您应该较少的问题。
一个很好的起点 是 MSDN,它是 How To: Build Claims-Aware ASP.NET MVC Web Application Using WIF
要了解其工作原理,请参阅this helpful MSDN blog。
WIF + MVC 的另一个示例在 Federated Identity with Multiple Partners 中提供,我建议您阅读第一章以了解所有基本原理。
更新:围绕STS 根据MSDN:
A security token service (STS) is the service component that builds, signs, and issues security tokens according to the WS-Trust and WS-Federation protocols. There’s a lot of work that goes into implementing these protocols, but WIF does all of this work for you, making it feasible for someone who isn’t an expert in the protocols to get an STS up and running with very little effort. You can use a cloud STS such as a LiveID STS, a pre-built STS such as Active Directory® Federation Services (AD FS) 2.0, or, if you want to issue custom tokens or provide custom authentication or authorization, you can build your own custom STS using WIF. WIF makes it easy to build your own STS. For more information, see Building an STS.
以下链接可能对 STS 有帮助: