堆栈内存溢出
  简体   繁体   English

带有身份验证的Windows Phone BackgroundTransferRequest

[英]Windows phone BackgroundTransferRequest with authentication

 原文  2014-01-08 13:13:52       c#/ asp.net-mvc-3/ windows-phone-8/ forms-authentication/ background-transfer

问题描述

I want to use BackgroundTransferRequest object to download some large documents but I can't find out how to put credentials like username and password to access the documents. 我想使用BackgroundTransferRequest对象下载一些大文档,但是我找不到如何放置用户名和密码之类的凭据来访问文档的方法。 I have ASP.NET MVC 3 controller which give me documents. 我有ASP.NET MVC 3控制器,可以给我文档。

2 个解决方案

解决方案1
 0  2014-01-08 15:07:39

You can only download data that can be aquired using a GET request. 您只能下载可以使用GET请求获取的数据。 The only way of proividing some "security" would be making the server to accept username and password in URL as GET parameters. 提供某种“安全性”的唯一方法是使服务器接受URL中的用户名和密码作为GET参数。

解决方案2
 0 已采纳  2014-01-08 20:44:20

You should be able to use basic HTTP auth. 您应该能够使用基本的HTTP身份验证。 I don't have much experience with BackgroundTransferRequest object, but it looks like it allows you to set request headers. 我对BackgroundTransferRequest对象没有太多经验,但是看起来它允许您设置请求标头。 So, for basic http auth you need to add a header "Authorization: Basic xxxxx" where xxxxx is base64 encoded userid:password. 因此,对于基本的HTTP身份验证,您需要添加标题“ Authorization:Basic xxxxx”,其中xxxxx是base64编码的userid:password。 You obviously would have to configure IIS to use basic auth with your MVC app 您显然必须将IIS配置为对MVC应用程序使用基本身份验证

Sending credentials in the URL is a very bad idea, because they are passed in clear text. 在URL中发送凭据不是一个好主意,因为它们以明文形式传递。 Every piece of infrastructure between the phone and web server will see and log your credentials. 电话和Web服务器之间的每个基础架构都将看到并记录您的凭据。 There is a good chance these web logs will end up indexed by Google. 这些网络日志很有可能最终被Google索引。 Sending password in the header is protected by SSL, assuming you are using it. 假设您正在使用标头,则在标头中发送密码受SSL保护。

Even sending the password in the header not ideal, since you'll have to store the credentials on the phone somewhere. 即使在标头中发送密码也不是理想的选择,因为您必须将凭据存储在手机上的某个位置。 If the phone is not trusted, you are asking for problems down the road. 如果您不信任电话,则说明您正在寻求问题。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 Windows Phone BackgroundTransferRequest问题 - Windows Phone BackgroundTransferRequest Issue Windows Phone中的BackgroundTransferRequest的TransferStatusChanged和TransferProgressChanged事件未调用 - TransferStatusChanged and TransferProgressChanged events of BackgroundTransferRequest in Windows Phone not getting called Windows Phone上的LDAP身份验证 - LDAP Authentication on Windows Phone Windows Phone 8 Facebook身份验证 - Windows Phone 8 Facebook Authentication HttpWebRequest身份验证问题(Windows Phone 8) - HttpWebRequest authentication issue(windows phone 8) Windows Phone 8.1中的GooglePlus身份验证 - GooglePlus Authentication in Windows Phone 8.1 Windows Phone的Azure移动服务的身份验证问题 - Authentication issues with Azure Mobile Service for Windows Phone Windows Phone 8.1-低功耗蓝牙和身份验证 - Windows Phone 8.1 - Bluetooth Low Energy and Authentication Facebook聊天PLAIN身份验证问题Windows Phone - Facebook chat PLAIN authentication issue Windows Phone Windows Phone 8应用中使用Live Connect SDK进行“身份验证失败”? - “Authentication Failed” with Live Connect SDK on Windows Phone 8 app?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM