在Windows 8中使用Web服务验证用户
[英]Authenticate a user using web service in windows 8
问题描述
I am trying to authenticate a user in windows 8. After authentication there will be many CRUD calls that can be called. 
我正在尝试在Windows 8中对用户进行身份验证。身份验证后,将可以调用许多CRUD调用。 There are services to perform these CRUD operations. 有执行这些CRUD操作的服务。 To prevent unauthorized calls to these CRUD services, I pass an additional parameter GUID(Hashed) returned after a successful login and passed to these services on each call, I store this GUID and the username in the database. 为防止对这些CRUD服务的未经授权的调用,我传递了成功登录后返回的附加参数GUID(Hashed),并在每次调用时传递给这些服务,我将此GUID和用户名存储在数据库中。 This is my model to authenticate and to perform CRUD operations. 这是我的身份验证和执行CRUD操作的模型。 Do you think its doable and secure? 您认为它可行且安全吗? Or are there other better methods? 还是还有其他更好的方法?
1 个解决方案
解决方案1
0 2012-09-25 16:11:47
it depends. 这取决于。 Remember that everyone can catch your GUID using simple Wireshark. 请记住,每个人都可以使用简单的Wireshark捕获GUID。 If you're sure that you're GUID is safe and undecodeble that sure. 如果您确定自己的GUID是安全的,那么请确保该文件不可解码。 Your way will be fine, but if now you know the answer 您的方法会很好,但是如果现在您知道答案了
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.