WCF服务身份验证和授权
[英]WCF Service authentication and authorization
问题描述
I have the requirement to setup authentication and authorization on a WCF Service, right now the service is created and working but no authentication. 
我需要在WCF服务上设置身份验证和授权,现在该服务已创建并且可以正常工作,但是没有身份验证。
There is also the need to authenticate existing users and passwords that are being stored in a SQL database and are already used by another web application, but since I do not have the source code for it, and being still adjusting do .NET I am having some dificulties. 还需要对存储在SQL数据库中并已被另一个Web应用程序使用的现有用户和密码进行身份验证,但是由于我没有它的源代码,并且仍在调整.NET,因此我需要一些麻烦。
I can read the database and found several aspnet_ tables in the database such as aspnet_Users, aspnet_Roles etc that so far seem to match with the ones used in the web application. 我可以读取数据库,并在数据库中找到多个aspnet_表,例如aspnet_Users,aspnet_Roles等,这些表到目前为止似乎与Web应用程序中使用的表匹配。
My question is how can I easily implement authentication and method authorization using the existing database. 我的问题是如何使用现有数据库轻松实现身份验证和方法授权。
Please note that I do not have access to the web-application source code. 请注意,我无权访问Web应用程序源代码。
Thanks. 谢谢。
2 个解决方案
解决方案1
0 已采纳 2012-03-20 11:03:58
MVC uses the standard ASP.Net membership provider. MVC使用标准的ASP.Net成员资格提供程序。 If you click the Log On button/register link - you can add a user. 如果单击“登录”按钮/注册链接-您可以添加用户。 ASP.Net will create App_Data\\ASPNETDB.MDF containing the membership information. ASP.Net将创建包含成员资格信息的App_Data \\ ASPNETDB.MDF。 You can move ASPNETDB.MDF to a remote DB server, but you must use the Membership provider schema/DB (unless you write your own provider). 您可以将ASPNETDB.MDF移至远程数据库服务器,但必须使用成员资格提供程序架构/数据库(除非您编写自己的提供程序)。
A few MVC links to get you started. 一些MVC链接可帮助您入门。
http://www.asp.net/mvc/tutorials/older-versions/security/authenticating-users-with-forms-authentication-vb http://weblogs.asp.net/fredriknormen/archive/2007/11/25/asp-net-mvc-framework-security.aspx http://blog.wekeroad.com/blog/aspnet-mvc-securing-your-controller-actions/ http://www.asp.net/mvc/tutorials/older-versions/security/authenticating-users-with-forms-authentication-vb http://weblogs.asp.net/fredriknormen/archive/2007/11/25 /asp-net-mvc-framework-security.aspx http://blog.wekeroad.com/blog/aspnet-mvc-securing-your-controller-actions/
The default authentication/authorization configuration added use ASP.NET standard membership and role manager service provider( the local SQL Express one). 添加的默认身份验证/授权配置使用ASP.NET标准成员身份和角色管理器服务提供程序(本地SQL Express)。 If your existing database(for user login) is also ASP.NET standard sql membership database, you can simply change the connection string of the membership section. 如果您现有的数据库(用于用户登录)也是ASP.NET标准sql成员数据库,则只需更改成员部分的连接字符串即可。 Otherwise, you might need to create a custom membership provider which uses your own database tables for user authentication. 否则,您可能需要创建一个自定义成员资格提供程序,该提供程序使用您自己的数据库表进行用户身份验证。
Implementing a Membership Provider http://msdn.microsoft.com/en-us/library/f1kyba5e.aspx 实施成员资格提供程序 http://msdn.microsoft.com/zh-cn/library/f1kyba5e.aspx
Building Custom Providers for ASP.NET 2.0 Membership http://msdn.microsoft.com/en-us/library/aa479048.aspx 为ASP.NET 2.0成员资格构建自定义提供程序 http://msdn.microsoft.com/zh-cn/library/aa479048.aspx
解决方案2
0 2012-03-20 11:25:00
Really no easy way to achieve your requirements. 实在没有简单的方法可以达到您的要求。 Here is the library you can use and follow stricktly steps described in this blog to setup authentication with SQL Membership provider for WCF services. 这是您可以使用的库,并严格按照本博客中介绍的步骤操作,以使用WCF服务的SQL成员资格提供程序设置身份验证。
In my case I did small update to the library. 就我而言,我对库进行了小更新。 I've commented out line of code 我已注释掉代码行
//if (!IsAnonymousAllowed)
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.