[英]Asp.Net Core 2.0 Webapi simple authentication
I would like to secure certain api's in dotnet core. 我想在dotnet核心中保护某些api。
There is no need for roles. 不需要角色。 I only need to allow or disallow.
我只需要允许或禁止。
To check if a user is allowed I use Active Directory with a Novell nuget library . 为了检查是否允许用户使用,我将Active Directory与Novell nuget 库一起使用 。 This part already works.
这部分已经起作用。
To secure the api I just add the Authorize attribute on the method. 为了保护api,我只需在方法上添加Authorize属性。
At the moment I use a http header to pass username and password. 目前,我使用http标头传递用户名和密码。 (base64 encoded).
(以base64编码)。
How do I combine the AD check with the Authorize attribute? 如何将AD检查与Authorize属性结合在一起?
I've seen AddIdentity / AddAuthentication / AddAuthorization / Claims / JWT / ... but I'm lost. 我见过AddIdentity / AddAuthentication / AddAuthorization / Claims / JWT / ...但是我迷路了。
I would go with Thinktecture IdentityServer Get's the jobe done 我会选择Thinktecture IdentityServer来完成工作
you will also find a lot of examples and samples that you can refer to. 您还将找到许多可以参考的示例和样本。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.