堆栈内存溢出
  简体   繁体   English

在Windows应用程序上使用自定义身份验证可以采取哪些预防措施?

[英]What precautions can I take for using custom authentication on a Windows application?

 原文  2013-11-06 13:18:09       c#/ wpf/ security/ authentication/ mvvm

问题描述

I am writing a new version of a Delphi app in WPF/MVVM. 我正在WPF / MVVM中编写Delphi应用程序的新版本。 It is not a complete redesign from the ground up, but rather just replacing Delphi code with WPF code, with a few modernization changes. 这不是从头开始的完整重新设计,而只是用WPF代码替换了Delphi代码,并进行了一些现代化的更改。 I currently only have access to the running Delphi app, not source, but will have that soon. 我目前只能访问正在运行的Delphi应用程序,而不能访问源代码,但是很快就可以访问。

Currently authentication uses a database query for a user name and hashed - I suspect it's not quite one way, but must address that later than today - password. 目前,身份验证使用数据库查询用户名并进行哈希处理(我怀疑这不是一种方法,但必须在今天以后解决)-密码。 How do I store that a user is authenticated, to check for access to all application commands and data? 如何存储用户已通过身份验证,以检查对所有应用程序命令和数据的访问? A simple private boolean in the User view model, an instance which is contained in the top level, application, view model? User视图模型中的一个简单的私有布尔值,该实例包含在顶级应用程序视图模型中吗? Or maybe when I extend to authorization, simply the fact that the User view model has been allocated a null list of permissions? 也许当我扩展到授权时,仅仅是为User视图模型分配了一个空权限列表这一事实? What is normally done here? 通常在这里做什么?

The application is an access control and time and attendance management app for a very large international corporation, so security levels need be fairly high. 该应用程序是一家大型国际公司的访问控制和考勤管理应用程序,因此安全级别需要相当高。 Using AD is not feasible at this point due to the equally massive user base and list of access rights, and the rewrite is on very high priority. 由于同样庞大的用户群和访问权限列表,此时使用AD是不可行的,并且重写具有很高的优先级。

1 个解决方案

解决方案1
 0  2013-11-06 13:30:14

Not a simple question, actually. 实际上,这不是一个简单的问题。

This doesn't fit as a comment, so I'm posting this as an answer: 这不适合作为评论,因此我将其发布为答案:

  • what is the architecture of your application? 您的应用程序的架构是什么? 2-tier? 2层? 3-tier? 3层?
  • are you using WCF for the communication? 您在使用WCF进行通讯吗?
  • who are the users of your application? 您的应用程序的用户是谁? Windows users? Windows用户?
  • from where is your application used? 您的应用程序从哪里使用? In a Windows domain? 在Windows域中? Over the Internet? 通过互联网?

Those questions might help you decide which way to go. 这些问题可能会帮助您决定要走的路。

For example, if you're using 3-tier architecture, WCF for the communication, application used on a Windows domain, you might be interested in a non-custom authentication (you could use Windows authentication). 例如,如果您在Windows域上使用3层体系结构,用于通信的WCF应用程序,则您可能会对非自定义身份验证感兴趣(可以使用Windows身份验证)。 See MSDN (Authentication, Authorization, and Identities in WCF) . 请参阅MSDN(WCF中的身份验证,授权和身份)

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 使用Windows身份验证的Web应用程序无法通过代理 - Web application using Windows authentication can't go through proxy 在ASP.NET中处理大文件传输时,应采取哪些预防措施? - When handling large file transfers in ASP.NET what precautions should you take? 使用Windows身份验证的Windows平板电脑应用程序 - Application for Windows tablet using Windows Authentication 使用Windows身份验证的MVC 5自定义逻辑授权 - MVC 5 custom logic authorization using windows authentication 我需要采取什么步骤来实现具有角色的表单身份验证? - What steps do I need to take to implement forms authentication with roles? 在同一个MVC应用程序中使用OWIN Cookie身份验证和Windows身份验证 - Using both OWIN Cookie Authentication and Windows Authentication in the same MVC application 我可以做些什么来使我的C#应用​​程序利用多个处理器内核? - What can I do to make my C# application take advantage of multiple processor cores? 如何通过Windows应用程序访问具有基于声明的身份验证的SharePoint 2010网站页面? - How can I access SharePoint 2010 site page which has claim based authentication through windows application? 使用C#构建命令行应用程序之前应采取哪些步骤 - What steps shall I take before building a command line application using C# 如何创建用于身份验证的 Windows 服务,自定义 Web 应用程序可使用该服务对 AD 用户进行身份验证? - How do I create a windows service for authentication that custom web applications can use to authenticate AD users?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM