[英]how to secure my WCF Data Service services
I have already read this thread http://msdn.microsoft.com/en-us/library/dd728284(v=vs.110).aspx 我已经阅读了该线程http://msdn.microsoft.com/zh-cn/library/dd728284(v=vs.110).aspx
I understand the micanizme and approach to secure my webservice. 我了解保护我的Web服务的技巧和方法。
My question is how to do that? 我的问题是怎么做?
I mean: I don't want everyone on the web to access this service 我的意思是:我不希望网络上的每个人都可以使用此服务
https://SOMETHING/SMS
So, should I send the username and password with every serivce? 那么,我应该在每次发送密码时都发送用户名和密码吗? then I check for these username and password.
然后我检查这些用户名和密码。 if correct i return the response?
如果正确,我返回响应?
You can try configuring your IIS to enable Basic or Digest Authentication http://www.asp.net/web-api/overview/security/basic-authentication Turning on SSL will encrypt your messages. 您可以尝试将IIS配置为启用基本或摘要式身份验证http://www.asp.net/web-api/overview/security/basic-authentication启用SSL将加密您的消息。
Doing that, IIS will handle authentication and you wont need to perform any further in your code. 这样做,IIS将处理身份验证,您无需在代码中执行任何其他操作。
Another approach, without any IIS configuration would be: 没有任何IIS配置的另一种方法是:
Both ways are almost the same thing. 两种方式几乎是同一回事。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.