Designing a web platform authentication

I have some architecture questions when building a complete web platform (a store, for example), with consideration for Java, Google App Engine (GAE), Shiro and RESTful APIs.

Consider I have these 3 main components of the platform:

  • Front-end UI
  • Admin UI
  • Backend

These 3 components all run as separate applications in the GAE platform.

Front-end UI refers to the UI that 'users' use as the main UI to interact with the system, designed with JavaScript, and it calls into the backend via JavaScript.

Admin UI refers to the UI used by admins to administer the platform, its users and its contents.

Backend is the RESTful server/service that both the Front-end UI and Admin UI connect to, which exposes /user APIs and /admin APIs and APIs that complete the actual logic of the web service provided.

My question would be: where does authentication fit in? If I put the authentication in the backend, how will it work with the front-end authentication? Say a user logs in by email or by social login (OAuth etc.): do I need to provide the Front-end its own authentication and then forward to the Backend, or should the Front-end be just UI, with all operations such as login/logout going through the backend?

If I use Shiro, how can this be achieved? I really prefer that the front-end UI be as minimal as possible, or even just be a Single-Page Application (SPA) or something like that. With this, what should be the binding for both the Front-end UI and the backend (considering they are both different GAE applications) in terms of authentication?

Consider this more a proposal and not an answer. I understand that your question is about the Java version of GAE, but you can always get inspired by other implementations. Gae-init is a web application framework that demonstrates a majority of good practices. As a contributor I find it distilled knowledge of the last years and an excellent starting point for initializing a large-scale web app. I am pretty confident that you will not encounter any problems with the Python implementation ;)
