堆栈内存溢出
  简体   繁体   English

使用“ System.Identity.Model.Claims”进行授权和身份验证

[英]Using 'System.Identity.Model.Claims' for Authorization and Authentication

 原文  2009-06-02 11:29:55       .net/ wcf/ .net-3.5/ claims-based-identity

问题描述

I want to add authentication and authorization to my application. 我想向我的应用程序添加身份验证和授权。 I do not want to use Active Directory for this. 我不想为此使用Active Directory。 Should I use System.IdentityModel.Claims to do this? 我应该使用System.IdentityModel.Claims来做到这一点吗? Will using System.IdentityModel.Claims make it easier to implement authentication and authorization and why/why not? 使用System.IdentityModel.Claims会使实现身份验证和授权更容易,为什么/为什么不呢?

2 个解决方案

解决方案1
 1  2009-06-02 18:00:06

You might consider looking at the Microsoft Geneva framework for Claims-Based Authentication and authorization. 您可能会考虑查看基于声明的身份验证和授权的Microsoft Geneva框架。 http://www.microsoft.com/geneva http://www.microsoft.com/geneva

Implementing Claims based security will definitely make things easier on you. 实施基于声明的安全性绝对可以使您更轻松。

Claims-based security has the following advantages over role-based and access control lists (ACLs): 与基于角色和访问控制列表(ACL)相比,基于声明的安全性具有以下优点:

  • Single programming model, no matter the authentication scheme used 单一编程模型,无论使用哪种身份验证方案
  • Claims flow across services in a SOA environment easier and in a more standards-compliant way 索偿跨SOA环境中的服务流动更容易且更符合标准
  • More flexible (you may see that a role is really just another type of claim) 更灵活(您可能会发现角色实际上只是另一种主张)
  • No need to reauthenticate when crossing process boundaries 跨越流程边界时无需重新认证

Hope this helps. 希望这可以帮助。

解决方案2
 0  2009-07-12 05:13:25

Well what do you want to use? 那么您想使用什么? A database? 数据库? What do you believe claims based authentication will give you? 您认为基于声明的身份验证会给您带来什么?

Claims based authentication makes life easier if you want to flow identity through multiple systems such as a middle tier and onto a compatible back end without having to mess with impersonation and delegation.It's also partially for federation - allowing other people's systems to perform the authentication and for you to then authorise access to your application based on the identity information sent by those systems. 如果您希望将身份流经多个系统(例如中间层)并流到兼容的后端而又不打扰模拟和委派,则基于声明的身份验证将使生活变得更轻松,它还部分用于联合身份验证-允许其他人的系统执行身份验证和然后您可以根据这些系统发送的身份信息授权对您的应用程序的访问。

But if all you want to do is avoid using AD and instead use usernames and passwords sourced from a database then membership providers are an easier option which enable role and user based authorization checks for WCF and ASP.NET. 但是,如果您要做的就是避免使用AD,而是使用从数据库中获取的用户名和密码,则成员资格提供程序是一个更简单的选项,它可以为WCF和ASP.NET启用基于角色和用户的授权检查。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 .NET 4.5 声明身份模型 - .NET 4.5 Claims Identity Model 认证授权系统 - Authentication & Authorization system 如何使用ASP.NET身份模型进行WCF服务授权和身份验证 - How to use ASP.NET Identity Model for WCF service authorization and authentication 具有基于声明的身份验证和多个角色的Windows Identity Foundation - Windows Identity Foundation with Claims based Authentication and Multiple Roles 对特定资源的声明授权 - Claims authorization for specific resources 有关使用Windows Identity Foundation的联合身份验证的问题 - Question on Federated Authentication using Windows Identity Foundation .NET Core Api 使用身份服务器 4 进行身份验证 - .NET Core Api authentication using Identity server 4 如何使用感知声明的用户名/登录授权为WCF服务创建本地STS? - How to create local STS for my WCF Service using claims aware Username/Login authorization? 如何使用ADAL库在ADFS中向身份令牌添加更多声明? - How Do I Add More Claims to the Identity Token in ADFS Using ADAL Libraries? WCF服务并添加自定义身份声明 - WCF service and adding custom Identity claims
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM