
How to compose multiple authentication handlers in Katana?

I want to create a web API service which exposes a resource that can be accessed using either a client certificate OR a JWT token for authentication.

I found some middleware that validates a client certificate and some nice instructions on how to create your own authentication middleware. Microsoft has middleware OAuthBearerAuthenticationMiddleware that validates JWT tokens. Obviously I can't just install them both as the first middleware will terminate the pipeline when authentication fails.

So I thought I would create a composite authentication middleware class that owns two AuthenticationHandler objects and would call AuthenticateAsync() for the handlers from its AuthenticateCoreAsync() until one returns a valid AuthenticationTicket. The problem is that the CreateHandler methods in the AuthenticationMiddleware class are protected, so I can't seem to compose these objects.

I cannot instantiate the OAuthBearerAuthenticationHandler class myself as it is internal.

How can I re-use these existing middleware components to enable both types of authentication without copying the code into my own handler?

Or am I going about this the wrong way and is there another way of having two authentication methods on the same web API service?

It is actually not true that authentication middleware terminates the pipeline when authentication fails. It is designed to be composable.

Every middleware can contribute zero or one identity which becomes a ClaimsPrincipal in the end.
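
The composition described in the answer above, as an added example (not code from the original post or from Katana itself): a hypothetical ClientCertMiddleware that returns no ticket when it cannot authenticate, registered next to Microsoft's JWT bearer middleware, followed by a check that rejects the request only when neither contributed an identity. It assumes Microsoft.Owin 4.x on .NET Framework 4.6 or later, an HS256 signing key, and constructed appSettings names (cert:root, jwt:issuer, jwt:audience, jwt:key).

```csharp
using System;
using System.Configuration;
using System.Security.Claims;
using System.Security.Cryptography.X509Certificates;
using System.Threading.Tasks;
using Microsoft.IdentityModel.Tokens;
using Microsoft.Owin;
using Microsoft.Owin.Security;
using Microsoft.Owin.Security.Infrastructure;
using Microsoft.Owin.Security.Jwt;
using Owin;
public class ClientCertOptions : AuthenticationOptions { // hypothetical type, not from the page
    public ClientCertOptions() : base("ClientCertificate") { }
    public string PinnedRootThumbprint { get; set; }      // assumed trust anchor for client certs
}
public class ClientCertHandler : AuthenticationHandler<ClientCertOptions> {
    protected override async Task<AuthenticationTicket> AuthenticateCoreAsync() {
        var load = Context.Get<Func<Task>>("ssl.LoadClientCertAsync"); // OWIN host key, may be absent
        if (load != null) await load();
        var cert = Context.Get<X509Certificate>("ssl.ClientCertificate");
        if (cert == null) return null; // no certificate: contribute nothing, do not end the request
        using (var chain = new X509Chain()) {
            if (!chain.Build(new X509Certificate2(cert))) return null; // untrusted, expired or revoked
            var root = chain.ChainElements[chain.ChainElements.Count - 1].Certificate;
            if (!root.Thumbprint.Equals(Options.PinnedRootThumbprint, StringComparison.OrdinalIgnoreCase)) return null;
        }
        var id = new ClaimsIdentity(new[] { new Claim(ClaimTypes.Name, cert.Subject) }, Options.AuthenticationType);
        return new AuthenticationTicket(id, new AuthenticationProperties());
    }
}
public class ClientCertMiddleware : AuthenticationMiddleware<ClientCertOptions> {
    public ClientCertMiddleware(OwinMiddleware next, ClientCertOptions options) : base(next, options) { }
    protected override AuthenticationHandler<ClientCertOptions> CreateHandler() { return new ClientCertHandler(); }
}
public class Startup {
    public void Configuration(IAppBuilder app) {
        var cfg = ConfigurationManager.AppSettings; // setting names below are constructed
        app.Use<ClientCertMiddleware>(new ClientCertOptions { PinnedRootThumbprint = cfg["cert:root"] });
        app.UseJwtBearerAuthentication(new JwtBearerAuthenticationOptions {
            TokenValidationParameters = new TokenValidationParameters {
                ValidIssuer = cfg["jwt:issuer"], ValidAudience = cfg["jwt:audience"],
                IssuerSigningKey = new SymmetricSecurityKey(Convert.FromBase64String(cfg["jwt:key"])) } });
        // Both middleware run in active mode; reject only when neither produced an identity.
        app.Use(async (ctx, next) => {
            if (ctx.Authentication.User?.Identity?.IsAuthenticated != true) { ctx.Response.StatusCode = 401; return; }
            await next();
        });
    }
}
```

A missing or mismatched pinned thumbprint makes the certificate handler return no ticket, so a misconfigured trust anchor fails closed rather than accepting any chain the machine store trusts.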
