Combine IdentityServer4 and MVC client

I downloaded the sample IdentityServer and MVC client project from GitHub. My goal is to create a portal environment, in which a user can authenticate and then proceed to request protected resources.

So what I did is move the Views from the MVC client to the IdentityServer project, changed the Client.cs to support a client on the same port and added the following in the startup from the IdentityServer:

        var oidcOptions = new OpenIdConnectOptions
        {
            AuthenticationScheme = "oidc",
            SignInScheme = "Cookies",

            Authority = "http://localhost:5000",
            RequireHttpsMetadata = false,
            PostLogoutRedirectUri = "http://localhost:5000/",
            ClientId = "mvc",
            ClientSecret = "secret",
            ResponseType = "code id_token",
            GetClaimsFromUserInfoEndpoint = true,
            SaveTokens = true
        };

My question is: are there any reasons, concerning security, I should not implement this and keep it separated?

There is nothing wrong with this at all from a security perspective.

However, I must warn you that you may run into a problem when dealing with cookies and tokens. Running them in separate projects implicitly separates the concerns of the MVC and IDS projects.

Something that you might want to do is to fork your request pipeline by using app.Map(). (e.g. map IDS to "/identity" and the MVC project to "/ui")
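The pipeline fork suggested in this answer could look like the following. This is an added example, not code from the original answer or from the IdentityServer samples; it assumes the ASP.NET Core 1.x and IdentityServer4 1.x APIs that the question's snippet uses, a hypothetical `Config` class holding the in-memory resources, clients and users, and a constructed cookie name.

```csharp
// Added example. Assumes ASP.NET Core 1.x / IdentityServer4 1.x (the API generation
// of the question's OpenIdConnectOptions snippet).
using Microsoft.AspNetCore.Builder;
using Microsoft.Extensions.DependencyInjection;

public class Startup
{
    public void ConfigureServices(IServiceCollection services)
    {
        services.AddMvc();
        // "Config" is a hypothetical helper class with the in-memory definitions.
        services.AddIdentityServer()
            .AddTemporarySigningCredential()
            .AddInMemoryIdentityResources(Config.GetIdentityResources())
            .AddInMemoryClients(Config.GetClients())
            .AddTestUsers(Config.GetUsers());
    }

    public void Configure(IApplicationBuilder app)
    {
        // Branch 1: the token service and its login UI live under /identity.
        app.Map("/identity", identity =>
        {
            identity.UseIdentityServer();
            identity.UseMvcWithDefaultRoute();
        });

        // Branch 2: the portal, with its own session cookie and OIDC middleware.
        app.Map("/ui", ui =>
        {
            ui.UseCookieAuthentication(new CookieAuthenticationOptions
            {
                AuthenticationScheme = "Cookies",
                CookieName = "portal.ui",   // constructed name, distinct from the IDS cookie
                CookiePath = "/ui"          // browser only sends it to the portal branch
            });
            ui.UseOpenIdConnectAuthentication(new OpenIdConnectOptions
            {
                AuthenticationScheme = "oidc",
                SignInScheme = "Cookies",
                Authority = "http://localhost:5000/identity", // issuer now includes the branch path
                RequireHttpsMetadata = false,                 // local HTTP setup, as in the question
                PostLogoutRedirectUri = "http://localhost:5000/ui/",
                ClientId = "mvc",
                ClientSecret = "secret",
                ResponseType = "code id_token",
                GetClaimsFromUserInfoEndpoint = true,
                SaveTokens = true
            });
            ui.UseMvcWithDefaultRoute();
        });
    }
}
```

The `mvc` client registration then needs `http://localhost:5000/ui/signin-oidc` as its redirect URI, because the callback path is resolved under the branch's path base. Both branches share one MVC registration, so each can route to every controller in the project unless the routes are constrained.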
