在没有 ADFS 的情况下为 sharepoint Foundation 2010 创建自定义 IP-STS

发布于 2024-09-03 22:57:55 字数 922 浏览 6 评论 0原文

我计划在没有 ADFS 服务器的情况下为 SharePoint Foundation 2010 创建非常简单的自定义 IP-STS,以便任何人都可以在没有 ADFS 的情况下将 Windows Live ID 集成到 SharePoint Foundation 2010,我无法使用 ADFS 服务器,因为它无法安装在 Windows Web Server 2008 上( Web 版),我还发现许多文章使用 LDAP 提供程序,但它在 SharePoint Foundation 中也不存在(它需要 Sharepoint Server Edition)。

经过大量搜索后,我刚刚找到了以下文章并找到了除一个问题之外的所有技术。

  1. 创建自定义声明提供程序:blogs.technet.com/b/speschka/archive/2010/03/13/writing-a-custom-claims-provider-for-sharepoint-2010-part-1.aspx

  2. 创建自定义 STS提供商:链接

仅剩一步:在 STS 站点中输入用户名并重定向到 localhost/_trust/default.aspx 后出现以下错误,(我留下 EncryptingCertificateName空的)。

由于对象的当前状态,操作无效,

我希望得到访问被拒绝错误而不是该错误。

1.到底有可能吗? 2.任何人都可以帮助我在哪里可以找到在没有 ADFS 服务器的情况下创建自定义 IP-STS 的工作文章 任何想法都会帮助我

谢谢

I plan to create very simple custom IP-STS for SharePoint foundation 2010 without ADFS server so anyone can integrate Windows Live ID to SharePoint foundation 2010 simply without ADFS, I can't use ADFS server because it could not install on Windows Web Server 2008 (Web Edition), also I found many article use LDAP provider but it does not exists in SharePoint Foundation too (it requires Sharepoint Server Edition).

After too much searching I just found the following article and find all technique except one problem.

  1. Creating Custom Claim Provider: blogs.technet.com/b/speschka/archive/2010/03/13/writing-a-custom-claims-provider-for-sharepoint-2010-part-1.aspx

  2. Creating Custom STS Provider: Link

Only one step remains: I got following error after enter username in STS site and redirect to localhost/_trust/default.aspx , ( I leave EncryptingCertificateName empty).

Operation is not valid due to the current state of the object

I expect to get access denied error instead of that error.

1.Is it possible anyway?
2.Can anyone help me where can I find working article to create custom IP-STS without ADFS server
Any idea will help me

Thanks

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(3

一指流沙 2024-09-10 22:58:07

您可以在此处查看 Thinktecture 的Starter STS

You can check Thinktecture's Starter STS here.

归途 2024-09-10 22:58:05

您需要检查您正在使用的所需声明(即默认声明)是否确实随登录一起提供。如果没有,那么它将失败。例如,如果您使用 ADFS,并将默认声明设置为电子邮件地址,则您需要确保用户在身份验证域的帐户中实际设置了电子邮件地址。

我会首先检查正在使用的声明。

You need to check that the required claim (i.e. the default claim) you are using is actually supplied with the login. If not then it will fail. For example if you were using ADFS, and set the default claim to be email address, you would need to ensure that the user actually had an email address set within their account on the authenticating domain.

I would check the claims that are being used first.

呆头 2024-09-10 22:58:03

Microsoft 现在在以下位置提供了更好的演练:
http://msdn.microsoft.com/en-us/library/ff955607.aspx

此链接为您提供自定义 ASP.NET 被动 STS 身份提供程序的源代码、使用身份提供程序(用于测试目的)的示例 ASP.NET 应用程序以及将向其注册身份提供程序的 WinForms 应用程序Sharepoint,以便您的 Sharepoint 站点也可以使用该提供程序。

注意:我遇到的唯一问题是我必须更改签名证书的指纹。这是一个已知问题,并在此链接提供的文档中提到。但是,当您从证书存储区复制并粘贴指纹时,请注意剪贴板可能会在指纹字符串的开头和/或结尾添加特殊字符。因此,请确保在将指纹添加到 .NET 解决方案之前删除所有特殊字符。 (例如,只需转到字符串的开头并按删除键,直到它开始实际删除可见字符。)

There is a better walkthrough that is now supplied by Microsoft at the following location:
http://msdn.microsoft.com/en-us/library/ff955607.aspx

This link supplies you with source code for a custom ASP.NET passive STS identity provider, a sample ASP.NET application that uses the identity provider (for testing purposes), and a WinForms app that will register the identity provider with Sharepoint so that your Sharepoint site can use the provider as well.

NOTE: The only hitch I ran into was that I had to change the thumbprint for the signing certificate. This is a known issue and is mentioned in the documentation provided at this link. However, when you copy and paste the thumbprint from the certificate store, beware that the clipboard may add special characters to the beginning and/or end of the thumbprint string. So make sure you remove any special characters before adding the thumbprint to your .NET solution. (e.g. just go to the beginning of your string and hit the delete key until it starts to actually delete visible characters.)

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文