首页 > 编程入门 文章详情

如何申请SSO(单点登录)(How to apply SSO (single sign on))

编程入门 行业动态 更新时间:2024-10-18 10:19:26
如何申请SSO(单点登录)(How to apply SSO (single sign on))

我已经在ASP.NET&SQL下开发了一个5 asp.net应用程序。 每个应用程序都有他的私人用户表“凭证”来授权登录用户。

如何应用SSO解决方案来涵盖5申请? 知道同一用户在每个应用程序上拥有不同的访问凭证“用户名和密码”与5应用程序上的同一用户不同。

如果有任何第三方工具可以在不改变应用程序的任何东西的情况下做到这一点,将会非常好。

谢谢。

I already have a 5 asp.net application developed under ASP.NET & SQL. each application has his private users tables "credential" to authorize the users on the login.

How can apply a SSO solution to cover the 5 application ? knowing that the same user has different access credential on each application "The username & Password" not same for the same user on the 5 application.

also if there is any third party tool to do that without change any thing on the 5 application, will be very good.

Thanks.

最满意答案

您可以为此使用Identity Server(这里https://identityserver.github.io/Documentation/docsv2/是版本3的文档,您可以在那里找到如何在您的APP中运行授权)。

身份服务器提供IdentityServerOptions对象,您可以在其中定义一些内容。 但是对于您来说,将是您可以配置Identity Server行为的最重要的Factory属性。

这里是一个例子: 

public class Factory
{
    public static IdentityServerServiceFactory Create()
    {
        var factory = new IdentityServerServiceFactory();

        // Users are taken from custom UserService which implements IUserService
        var userService = new YourUserService();

        factory.UserService = new Registration<IUserService>(resolver => userService);

        // Custom view service, for custom login views
        factory.ViewService = new Registration<IViewService>(typeof(YourViewService));

        // Register for Identity Server clients (applications which Identity Server recognize and scopes
        factory.UseInMemoryClients(Clients.Get());
        factory.UseInMemoryScopes(Scopes.Get());

        return factory;
    }
}
 

 YourUserService将实现IUserService (由Identity Server提供),您可以在其中授权用户您需要的方式,在AuthenticateLocalAsyncGetProfileDataAsync方法中,您可以执行自己的身份验证逻辑。 
 

 使用Startup类中的Factory作为Identity Server项目 
 

public void Configuration(IAppBuilder app)
{
    var options = new IdentityServerOptions
    {
        SiteName = "IdentityServer",
        SigningCertificate = LoadCertificate(),
        EnableWelcomePage = false,
        Factory = Factory.Create(),                
        AuthenticationOptions = new AuthenticationOptions
        {
           EnablePostSignOutAutoRedirect = true,
           EnableSignOutPrompt = false,
        },
    };

    app.UseIdentityServer(options);
}
 

 这里https://github.com/IdentityServer/IdentityServer3.Samples/tree/master/source/CustomUserService你可以找到一些使用自己的UserService的例子 
 

 同样在这里https://github.com/IdentityServer/IdentityServer3.Samples是更多的例子如何使用Identity Server。 
 

 唯一不好的是,在每个应用程序中,您必须使用Identity Server作为身份验证服务进行配置,因此您必须更改现有应用 
You can use Identity Server for this purpose (here https://identityserver.github.io/Documentation/docsv2/ is documentation for version 3 and you can find there how to run authorization in your APP).
 

The identity server provide IdentityServerOptions object where you can define some stuff. But for you will be most important Factory property where you can configure Identity Server behavior.
 

Here is example:
 

public class Factory
{
    public static IdentityServerServiceFactory Create()
    {
        var factory = new IdentityServerServiceFactory();

        // Users are taken from custom UserService which implements IUserService
        var userService = new YourUserService();

        factory.UserService = new Registration<IUserService>(resolver => userService);

        // Custom view service, for custom login views
        factory.ViewService = new Registration<IViewService>(typeof(YourViewService));

        // Register for Identity Server clients (applications which Identity Server recognize and scopes
        factory.UseInMemoryClients(Clients.Get());
        factory.UseInMemoryScopes(Scopes.Get());

        return factory;
    }
}
 

Where YourUserService will implemtent IUserService (provided by Identity Server) where you can authorize users how you need, in methods AuthenticateLocalAsync and GetProfileDataAsync you can do your own logic for authentication. 
 

And using of the Factory in Startup class for Identity Server project
 

public void Configuration(IAppBuilder app)
{
    var options = new IdentityServerOptions
    {
        SiteName = "IdentityServer",
        SigningCertificate = LoadCertificate(),
        EnableWelcomePage = false,
        Factory = Factory.Create(),                
        AuthenticationOptions = new AuthenticationOptions
        {
           EnablePostSignOutAutoRedirect = true,
           EnableSignOutPrompt = false,
        },
    };

    app.UseIdentityServer(options);
}
 

Here https://github.com/IdentityServer/IdentityServer3.Samples/tree/master/source/CustomUserService you can find some exmaple of this using own UserService
 

Also here https://github.com/IdentityServer/IdentityServer3.Samples are more examples how to working with Identity Server.
 

Only bad thing is that in every application you must configure using Identity Server as authentication service so you must change existing apps.

更多推荐

本文发布于:2023-08-05 23:40:00,感谢您对本站的认可!
本文链接:https://www.elefans.com/category/jswz/34/1440883.html
版权声明:本站内容均来自互联网,仅供演示用,请勿用于商业和其他非法用途。如果侵犯了您的权益请与我们联系,我们将在24小时内删除。
本文标签:单点   SSO   apply   sign   single

发布评论

评论列表 (有 0 条评论)

最近发表

草根站长

>www.elefans.com

编程频道|电子爱好者 - 技术资讯及电子产品介绍!

热门文章

标签列表