WSO2 Identity Server:如何对用户进行身份验证?
[英]WSO2 Identity Server: How to authenticate User?
问题描述
I am using in-memory DB for storing user details in WSO2 Identity server. 
我正在使用内存数据库在WSO2 Identity Server中存储用户详细信息。 I create couple of users via UI and now I want to authenticate those user using some external application. 我通过UI创建了几个用户,现在我想使用一些外部应用程序对这些用户进行身份验证。
Is there any available WSO2 service which takes User credentials and authenticate based on the details provided? 是否有可用的WSO2服务需要用户凭据并根据提供的详细信息进行身份验证? I saw few articles where they mainly talking about User Stores. 我看到的几篇文章主要讨论用户存储。 But there, I think, they directly connect to DB to compare the credentials. 但是,我认为它们在那里直接连接到数据库以比较凭据。
2 个解决方案
解决方案1
2 2017-07-13 12:45:16
There are multiple ways to authenticate a user from Identity Server. 有多种方法可以从Identity Server认证用户。 Easiest way is that you can call the admin service (SOAP service) for authentication (RemoteUserStoreManagerService/authenticate). 最简单的方法是可以调用管理服务(SOAP服务)进行身份验证(RemoteUserStoreManagerService / authenticate)。 Or you can create a OAuth application inside the IS and use resource owner grant type to pass the credentials and authenticate. 或者,您可以在IS内创建OAuth应用程序,并使用资源所有者授予类型来传递凭据并进行身份验证。
You can find admin service related information from here [1] and password grant related information from here [2] 您可以从此处[1]找到与管理服务相关的信息,并从此处[2]找到与密码授予相关的信息。
解决方案2
1 2017-07-13 14:20:14
Is there any available WSO2 service which takes User credentials and authenticate based on the details provided?
I believe we've misused the Token API service ( /token with password OAuth profile) to request an OAuth code and the WSO2IS effectviely validates the user's credentials. 我相信我们已经滥用了令牌API服务(带有密码的OAuth配置文件/ token)来请求OAuth代码,而WSO2IS有效地验证了用户的凭据。
I suggest your application would stick to some authentication and authorization standards supported by the WSO2IS, such as OAuth 2.0 or SAML. 我建议您的应用程序应遵循WSO2IS支持的某些身份验证和授权标准,例如OAuth 2.0或SAML。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.