layout: docs-default
概述
IdentityServer3支持WS-Federation協(xié)議,可以作為認證方或者第三方認證的使用方。
如果要集成IdentityServer和第三方 WS-Federation 身份認證, 如: ADFS,請看Identity Providers section of the documentation.
本節(jié)將在IdentityServer3中增加WS-Federation認證方功能。
安裝
WS-Federation支持是IdentityServer3中的一個插件,首先需要通過Nuget安裝:
install-package IdentityServer3.WsFederation
這個插件需要配置IdentityServerOptions上的PluginConfiguration回調(diào):
public void Configuration(IAppBuilder appBuilder)
{
var options = new IdentityServerOptions
{
SiteName = "IdentityServer3 with WsFed",
SigningCertificate = Certificate.Get(),
Factory = factory,
PluginConfiguration = ConfigureWsFederation
};
appBuilder.UseIdentityServer(options);
}
private void ConfigureWsFederation(IAppBuilder pluginApp, IdentityServerOptions options)
{
var factory = new WsFederationServiceFactory(options.Factory);
factory.UseInMemoryRelyingParties(RelyingParties.Get());
var wsFedOptions = new WsFederationPluginOptions
{
IdentityServerOptions = options,
Factory = factory
};
pluginApp.UseWsFederationPlugin(wsFedOptions);
}
WS-Federation插件需要在ServericFactory中注冊。這個例子中,我們注冊了依賴的第三方列表并且實現(xiàn)了IRelyingPartyService (和other in-memory services and stores差不多).
IRelyingPartyService 是唯一必須實現(xiàn)的服務(wù).
一個依賴第三方在WS-Federation中等同于 OpenId Connect 或者 OAuth2 client.
請看 這里 了解更多.
