Novell 集成身份验证 - 在网站上获取本地计算机用户名
首先,我知道如何在 IIS7 中集成 Windows 身份验证。 这对于查看登录计算机的 Active Directory 用户非常有效。
但是,需要获取 Novell 验证用户的用户名。 除了用户名之外,我不需要密码或其他任何内容。
其他限制:
- 不能在用户计算机上安装任何东西
- 可以在 Web 服务器上安装东西
- 可以在 Web 服务器和 Novell 服务器之间建立信任
- 它会位于具有匿名访问权限的公共网站上,我可以调整有一个需要身份验证和的部分从而从那里吸引用户。
- 该网站采用 C# .Net 2.0
- 如果该方法还可以提供密码,我可以使用它来完全验证 Novell 的用户。 该部分(与 Novell Server LDAP 对话)已经完成。
- 必须与 IE6 和 IE7 兼容
(更新) 在 Novell 网站上有关单点登录的唯一信息显示了如何在 Novell 上登录某人并在结论中说明:
一种保存的方法(还有其他方法) 我们在全球范围内的资历 变量,因此用户不必 对每一个都进行身份验证 表单(单点登录)。
(更新) 同样来自 Novell,他们说有一个 SSO 解决方案。 但是,内容可以追溯到 2000 年,另一内容需要安装插件在 Novell 服务器上,每个用户支付 49 美元。 所以它不是一个有效的解决方案。
First off, I know how to and has Integrated Windows Authentication in IIS7. This works great for seeing the Active Directory user logged on the computer.
But, the need is to get the username of a Novell authenticated user. I don't want the password or anything more than the username.
Other restrictions:
- Can't install anything on the users computers
- Can install things on the web server
- Can setup trust between web server and Novell server
- Its gonna be on a public website with anonymous access, I can tweek to have a section that requires authentication and thus getting the user from there.
- The website is in C# .Net 2.0
- If the method can provide also the password, I can use it to fully validate the user with Novell. That part (talking to Novell Server LDAP) has been already done.
- Must work with IE6 and IE7
(Update)
On the Novell website the only info about single-sign on there is shows how to log someone on Novell and in the conclusion tells this:
A way (there are other ways) to save
our credentials inside global
variables so the user does not have to
authenticate for each and every
form(single sign-on).
(Update)
Also from Novell, they say to have a SSO solution. But, the content dates from 2000, and another one requires to install a plugin on the Novell Server and paying for it 49$ per user. So its not a valid solution.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
您说您无法在用户的计算机上安装任何内容,但您可能会发现已经有一个可以使用的 ActiveX 控件,该控件可能已作为 PC 上的 Novell 客户端的一部分涉及。
我过去曾这样做过,使用 ActiveX 控件来识别登录的用户,将其传递到 Web 服务器,然后使用 LDAP 加载完整的用户记录:
我过去使用过名为 NWDir1 的记录,使用以下命令语法(使用 ColdFusion 作为服务器端语言,但我相信您可以翻译):
这使用 vbscript 来控制 activex 客户端,该客户端提供 Novell 登录用户。 然后,该值 (vbuser) 被传递回可以对其进行处理的 index.cfm。
这种技术显然容易受到 url 黑客攻击,但我不知道在我们使用这种技术的 4 年多的时间里发生过这种情况。
我确信我最初在 Novell 站点上找到了这个 - 尝试在该站点上搜索 NWDir1 或 classid。
我希望这有帮助
You say that you are unable to install anything on the users' computers, but you may find that there is already an ActiveX control you can use which may have been involved as part of the Novell client on the PC.
I have done this in the past, using the ActiveX control to identify the logged on user, pass that to the webserver, and then load the full user record using LDAP:
I have used one referred to as NWDir1 in the past, using the following syntax (with ColdFusion as the server-side language, but I'm sure you could translate):
This uses vbscript to control the activex client, which provides the novell logged in user. This value (vbuser) is then passed back to index.cfm where it can be processed.
This technique is obviously susceptible to url hacking, but I'm not aware of that happening in the 4+ years we used this technique.
I'm sure I found this on the Novell site originally - try a search for NWDir1 or the classid on that site.
I hope this helps