堆栈内存溢出
  简体   繁体   English

多个外部网站的Web API授权

[英]Web API authorization for multiple external websites

 原文  2017-07-05 12:44:51       c#/ asp.net/ authentication/ asp.net-web-api/ authorization

问题描述

There is a requirement to have a common web api application to service 3 different MVC web applications. 需要有一个通用的Web api应用程序来为3个不同的MVC Web应用程序提供服务。 These client web applications have their own databases and own authentication implementations. 这些客户端Web应用程序具有自己的数据库和身份验证实现。 How do we configure the web api application to provide access to a set of APIs to web app 1 alone and deny to all other web apps, similarly for web app 2 and so on? 我们如何配置Web api应用程序以仅提供对Web应用程序1的一组API的访问,而拒绝所有其他Web应用程序的访问,类似于Web应用程序2等等? In other words, is there a way to 'register' each web app with the web api service and also build in a mechanism through which the web app is only allowed access to a set of endpoints? 换句话说,有没有办法向每个Web应用程序“注册” Web api服务,并建立一种仅允许Web应用程序访问一组端点的机制? Thanks for all the help.. 感谢所有的帮助。

1 个解决方案

解决方案1
 1  

There are a handful of ways of solving this 有几种解决方法

  • Host multiple WebAPI servers in a single process to effectively meet your requirement while making your project easier to organize 在单个过程中托管多个WebAPI服务器,以有效满足您的要求,同时使您的项目更易于组织

  • Use Authentication and Authorization filters to customize how requests are accepted, denied, and routed 使用身份验证和授权过滤器来自定义接受,拒绝和路由请求的方式

  • Using a router and/or switch at the hardware level, create a blacklist/whitelist combined with a reverse proxy (beware of MAC spoofing, etc, with this solution) 在硬件级别使用路由器和/或交换机,创建与反向代理结合使用的黑名单/白名单(使用此解决方案时,请注意MAC欺骗等)

  • Use dependency injection to add abstraction to the process and to remove the ability to specify a custom endpoint in an unintended manner programmatically; 使用依赖注入将抽象添加到流程中,并删除以编程方式意外地指定自定义端点的功能; this solution will only work if you control the client code, however 仅当您控制客户端代码时,此解决方案才有效

From the sound of it, the issue you're describing doesn't seem like one regarding the visibility of the endpoints, but of the access control to leverage them. 从它的声音来看,您描述的问题似乎与端点的可见性无关,而在于利用端点的访问控制。 If I'm wrong, please let me know in a comment and I'll update my answer. 如果我错了,请在评论中让我知道,我将更新答案。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 在多个API网站上使用授权令牌 - use authorization token on multiple api websites 在 .net 6 web API 中实现多重授权 - Implement multiple authorization in .net 6 web API Web API 中的多个 JWT 授权令牌 - Multiple JWT authorization token in Web API 使用外部Web API提供的OAuth Bearer Token授权 - Authorization with OAuth Bearer Token provided by External Web API 具有相同身份验证 Web API 的多个应用程序的授权工作流程是什么? - What would be the authorization workflow for multiple applications with the same authentication web API? 具有多个.net应用程序的Web API 2.0 Owin授权 - Web API 2.0 Owin authorization with multiple .net applications Web API Windows授权被拒绝 - Web api windows authorization denied Web API / OWIN,SignalR和授权 - Web API / OWIN, SignalR & Authorization 通过HttpWebRequest进行Web API授权 - Web API Authorization via HttpWebRequest 每个实体的Web API授权 - Web API per entity authorization
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM