Coap 服务器未授权访问 C#
[英]Coap Server Unauthorized Access C#
问题描述
I am trying o figure out how CoAP server handles authentication.
我正在尝试了解 CoAP 服务器如何处理身份验证。 DTLS seems to be the only option. DTLS 似乎是唯一的选择。 However I could not find any clear example of it for .NET. I have also seen a mention about cookie on server side but that is all, no more information.但是,对于 .NET,我找不到任何明确的示例。我还在服务器端看到了关于 cookie 的提及,但仅此而已,没有更多信息。
https://github.com/chkr1011/CoA.net seems to be a good library. https://github.com/chkr1011/CoA.net似乎是个不错的图书馆。 They also have a client example but I sould not find server example of it.他们也有一个客户端示例,但我找不到它的服务器示例。 Projest seems to have CoAP server as well, however I could not find it in source code. Projest 似乎也有 CoAP 服务器,但我在源代码中找不到它。
Can any client send requests to the server if url is known?如果已知 url,任何客户端都可以向服务器发送请求吗? Is DTLS the way to go? DTLS 是通往 go 的路吗? Is there any server/client example of DTLS in C#? C# 中是否有 DTLS 的服务器/客户端示例?
1 个解决方案
解决方案1
0 已采纳 2020-09-23 06:58:48
If a java server will also help, have a look at eclipse/californium .如果 java 服务器也有帮助,请查看eclipse/californium 。 We run a sondbox at "californium.eclipse.org" and if you want to "connect" a client, you may just use the "openssl" PSK demo credentials "Client_identity" and "secretPSK".我们在“californium.eclipse.org”运行一个 sonbox,如果你想“连接”一个客户端,你可以只使用“openssl”PSK 演示凭证“Client_identity”和“secretPSK”。
Can any client send requests to the server if url is known?
That depends on the protocol variant.这取决于协议变体。 Without encryption (plain coap), yes.没有加密(普通coap),是的。 Some projects then use a "token" in the request, to authenticate the request (see ThingsBoard).然后一些项目在请求中使用“令牌”来验证请求(参见 ThingsBoard)。 With encryption (DTLS, coaps), you need valid credentials, eg PSK (as above), a x.509 certificate or a Raw Public Key certificate.对于加密(DTLS、coaps),您需要有效的凭据,例如 PSK(如上所述)、x.509 证书或原始公钥证书。 There are also setups, where only the server authenticates itself using x.509, and the client then uses the already encrpyted communication to authenticate with an other mechanism (eg username/password, so very similar to the model, mostly used with https).还有一些设置,其中只有服务器使用 x.509 验证自己,然后客户端使用已经加密的通信通过其他机制(例如用户名/密码,非常类似于 model,主要用于 https)进行验证。
The most pain is usually to find implementations, which could be used in the intended/wanted way.最痛苦的通常是找到可以以预期/想要的方式使用的实现。 Maybe some projects helps you, to adapt the implementation.也许某些项目可以帮助您调整实施。
Is DTLS the way to go?
In my opinion, yes.在我看来,是的。 The alternative with OSCORE (payload encryption) are currently in development, we will see, if that changes the game. OSCORE(有效载荷加密)的替代方案目前正在开发中,我们将看到它是否会改变游戏规则。
Is there any server/client example of DTLS in C#?
I don't know that.我不知道。 Maybe you ask that the project you already found.也许您会问您已经找到的项目。 Or ask here CoAP-CSharp或者在这里问CoAP-CSharp
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.