当SharePoint网站开启了Claims认证后,取回来的user的loginname是一个奇怪的字符串,这个到底是什么意思那?

这篇文章详细解释了:

https://blogs.msdn.microsoft.com/svarukala/2014/03/26/saml-claims-user-id-format/

拷贝如下:

SAML Claims User Id Format

I was working with a customer and shared this information about the format in which user identity claims (aka user id) appears in any Claims based site. I shared below information with the customer and it appeared they didn't know about this until then. Sharing this information here for the greater community.

SharePoint 2013 and SharePoint 2010 display identity claims with the following encoding format:

<IdentityClaim>:0<ClaimType><ClaimValueType><AuthMode>|<OriginalIssuer (optional)>|<ClaimValue>

Example: i:05.t|saml provider|spuserid@contoso.lab

Where:

  • <IdentityClaim> indicates the type of claim and is the
    following:
  • i” for an
    identity claim
  • c” for any
    other claim
    • <ClaimType>
      indicates the format for the claim value and
      is the following:
    • #
      for a user logon name
    • .
      for  an anonymous user
    • 5
      for an email address
    • !
      for an identity provider
    • +
      for a Group security identifier (SID)
    • -
      for a role
    • %
      for a farm ID
    • ?
      for a name identifier
    • "\"
      for a private personal identifier (PPID)
      • <ClaimValueType>
        indicates the type of formatting for the
        claim value and is the following:
      • .
        for a string
      • +
        for an RFC 822-formatted name
        • <AuthMode>
          indicates the type of authentication used to
          obtain the identity claim and is the following:
        • w
          for Windows claims (no original issuer)
        • s
          for the local SharePoint security token service (STS)
          (no original issuer)
        • t
          for a trusted issuer
        • m
          for a membership issuer
        • r
          for a role provider issuer
        • f
          for forms-based authentication
        • c
          for a claim provider
          • <OriginalIssuer>
            indicates the original issuer of the
            claim.
          • <ClaimValueType>
            indicates the value of the claim in the
            <ClaimType> format.

Sharepoint claim认证的login name的更多相关文章

  1. SharePoint Claim base authentication EnsureUser 不带claim(i:0#.w|)user Failed

    环境信息: 带有Form base authentication(FBA).Active Directory Federation Services(ADFS).以及windows Authentic ...

  2. Spring Security笔记:使用数据库进行用户认证(form login using database)

    在前一节,学习了如何自定义登录页,但是用户名.密码仍然是配置在xml中的,这样显然太非主流,本节将学习如何把用户名/密码/角色存储在db中,通过db来实现用户认证 一.项目结构 与前面的示例相比,因为 ...

  3. [SharePoint]SharePoint Claim base Authentication的一个比较好的介绍

    User identity in AD DS is based on a user account. For successful authentication, the user provides ...

  4. Resolving SharePoint Application Authentication Error: Login Failed

    Check event viewer log Click Start, click Run, type eventvwr, and then click OK. Click on Security u ...

  5. Integrating SharePoint 2013 with ADFS and Shibboleth

    Time again to attempt to implement that exciting technology, Federation Services (Web Single Sign On ...

  6. 自定义Sharepoint的登陆页面

    转:http://www.cnblogs.com/jecoso/archive/2008/05/25/1207151.html 原文作者:Damon Armstrong 原文地址:http://www ...

  7. WebApi使用JWT认证(二)

    这是第二部:实现NetCore上的WebApi使用JWT认证 1.NetCore新建一个WebApi的项目 2.打开AppSettings.json,添加Jwt的信息,这里为了演示而已 { " ...

  8. .NET Core的JWT认证的学习

    今天学习下JWT,遇到了两个坑爹问题,这里记录下.在 ASP.NET Core 中,授权的设置方式有两种,可以使用角色,也可以使用策略,这里也将简单举例角色.策略的使用. JWT这里不做介绍,如果想了 ...

  9. Shiro-JWT SpringBoot前后端分离权限认证的一种思路

    JWT-Shiro 整合 JWT-与Shiro整合进行授权认证的大致思路 图示 大致思路 将登录验证从shiro中分离,自己结合JWT实现 用户登陆后请求认证服务器进行密码等身份信息确认,确认成功后 ...

随机推荐

  1. crontab计划执行脚本详解

    Crontab是Linux系统中在固定时间执行某一个程序的工具,类似于Windows系统中的任务计划程序. 一.安装crontab yum install vixie-cron  #安装 chkcon ...

  2. Serilog简介

    Serilog是.net 下的新兴的日志框架,本文这里简单的介绍一下它的用法. 首先安装Nuget包: Install-Package Serilog Install-Package Serilog. ...

  3. ChibiOS/RT 2.6.9 CAN Driver

    Detailed Description Generic CAN Driver. This module implements a generic CAN (Controller Area Netwo ...

  4. 北大 ACM 分类 汇总

    1.搜索 //回溯 2.DP(动态规划) 3.贪心 北大ACM题分类2009-01-27 1 4.图论 //Dijkstra.最小生成树.网络流 5.数论 //解模线性方程 6.计算几何 //凸壳.同 ...

  5. 在树莓派2上安装 Windows 10

    微软在2015年4月29日发布了树莓派玩家期待已久的 Windows 10 物联网核心预览版(Windows 10 IoT Core Insider Preview Image for Raspber ...

  6. Caused by: redis.clients.jedis.exceptions.JedisConnectionException: java.net.SocketTimeoutException: connect timed out

    问题: java连接不上redis. 异常信息: Caused by: redis.clients.jedis.exceptions.JedisConnectionException: java.ne ...

  7. centos7更改为启动桌面或命令行模式

    进入cenos7的命令行模式 终端输入“init 3”回车进入命令行模式 登录成功后 # systemctl get-default //获取当前系统启动模式 查看配置文件 # cat /etc/in ...

  8. HTML 5 <script> async 属性简单设置代码异步执行

    HTML5中 script标签支持脚本的异步执行async.脚本将会异步运行: <script type="text/javascript" src="demo_a ...

  9. ss简单使用

    ss简单使用 ss即socket state. 1.常用语句 ss -l 显示所有处于监听的网络接口连接 ss -pl 显示所有处于监听的网络接口连接,及相应的进程名称.进号等 ss -t -a 显示 ...

  10. Netty端口被占用问题

    问题:   最近发现Netty项目每次发布的时候Netty在重启时都会报端口被占用的异常, 需要过十几秒左右手动重启一遍, Netty才能恢复正常 目前猜测是由于Tomcat_restart的时候Ne ...