How to check an ASP.NET MVC user is authenticated and authorized from a separate WCF service application?

I have two projects:

  1. An ASP.NET MVC 5.2 Application using ASP.NET Identity 2.2
  2. A WCF Application SOAP XML service.

Note: The WCF service is not hosted by ASP.NET, nor is it running in ASP.NET compatibility mode. A requirement of this project is that it is interface-based, and ASP.NET compatibility mode does not appear to allow an interface-based implementation.

The ASP.NET MVC Application calls the WCF SOAP XML service server side when a user makes a specific action request. However, the WCF service is accessed via the public Internet, so in theory anyone could call it if they knew the address. I need to ensure that only ASP.NET Identity registered users who are in the Administrator role are able to call it. The WCF Application could directly access the database but it doesn't seem like it would be the best solution?

How can I check from the WCF service whether a user is authenticated and authorized in ASP.NET MVC 5.2 using ASP.NET Identity 2.2 using object passing? Which objects or properties should be passed and checked? Is there any other solution? Is it possible to check authentication/authorization with attributes in WCF?

Do you own both? Are they in the same domain?

You could interact with a database behind the scenes to generate an auth token, then have the WCF service pass a URL with the token back to the user. When the user goes to the site via the tokenized URL, it checks against the database from the perspective of the ASP app and authenticates. It's a bit asymmetric, but it would handle your use case without getting into domain restrictions.
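
The database-backed token hand-off described in the answer above, as an added example that is not code from the post or from either project. `TokenStore`, `Issue` and `Redeem` are hypothetical names, and the in-memory dictionary stands in for a table in the database both applications can reach.

```csharp
using System;
using System.Collections.Concurrent;
using System.Security.Cryptography;
using System.Text;

// Added example. TokenStore, Issue and Redeem are hypothetical names; the
// dictionary is an assumed stand-in for a table in the shared database.
public sealed class TokenStore
{
    private sealed class Entry { public string UserId; public DateTime ExpiresUtc; }

    private readonly ConcurrentDictionary<string, Entry> _rows =
        new ConcurrentDictionary<string, Entry>();

    // Only the SHA-256 of the token is stored, so reading the table
    // does not yield a usable token.
    private static string Hash(string token)
    {
        using (var sha = SHA256.Create())
            return Convert.ToBase64String(sha.ComputeHash(Encoding.UTF8.GetBytes(token)));
    }

    // Issuing side: call only after its own authentication and role check passed.
    public string Issue(string userId, TimeSpan lifetime)
    {
        var raw = new byte[32];
        using (var rng = RandomNumberGenerator.Create())
            rng.GetBytes(raw);
        // URL-safe Base64, since the token travels inside a URL.
        string token = Convert.ToBase64String(raw)
            .TrimEnd('=').Replace('+', '-').Replace('/', '_');
        _rows[Hash(token)] = new Entry
        {
            UserId = userId,
            ExpiresUtc = DateTime.UtcNow.Add(lifetime)
        };
        return token;
    }

    // Checking side: the row is removed on first lookup (single use) and an
    // expired token is rejected. Returns the user id, or null if invalid.
    public string Redeem(string token)
    {
        if (string.IsNullOrEmpty(token)) return null;
        Entry e;
        if (!_rows.TryRemove(Hash(token), out e)) return null;
        return e.ExpiresUtc >= DateTime.UtcNow ? e.UserId : null;
    }
}
```

A short lifetime and single-use redemption limit what a token captured from a URL (browser history, proxy logs, Referer headers) is worth.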
