Implementing authentication in ASP.Net Web API
Question
I am aware this is the most basic question and is asked many times, however I have failed to find relevant details for my requirement. I am developing ASP.Net as front end and using ASP.Net Web API service. I am planning to use Basic Auth using SSL.
Could someone help me with below:
In future, I plan to have multiple clients including Android, iOS and Windows phone client. Any issues using Basic Auth over SSL?
Please help me confirm if below is right implementation approach. I will write new Controller - AccountController in ASP.net Web API and use this controller for methods: Login, Logout and RegisterNewUser. All of them will be POST methods.
What should be code inside Login API apart from verifying user from database. Also should login method return any object to client?
Any reference which will help me understand client side of code, which will send authorization token on every web api request? Note: I am heavily using jqGrid with CRUD operation, which will make API requests.
2 answers
solution1
0 2014-04-11 09:43:52
There are no problems using Basic Authentication using these clients as far as I know. I have tested this scenario with Android myself.
I have just successfully implemented Basic Auth using this link as a resource: http://www.piotrwalat.net/basic-http-authentication-in-asp-net-web-api-using-message-handlers
/Rune
solution2
0 2014-04-11 14:13:41
1) There's no problem using SSL and Basic Auth together.
2/3/4) That would be a valid approach, though I'd recommend that you create a new MVC project and look at the generated code in the AccountController.cs file. This will give you some guidance on how to code these actions.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.