一个 Web 服务的基于角色的方法?
我正在尝试建立一个(目前)非常简单的网络服务。简单地说,我的意思是它在代码端只需要做少量的实际工作。它实际上只有一种方法/功能:客户端发送用户登录信息,服务以有关用户的其他非常安全的详细信息进行响应(出于本问题的目的,假设用户的生日)。
我有很多问题,但现在我想知道:
我正在考虑使用此方法的两个版本。在版本一中,客户端只能发出没有可变信息的通用请求。该服务将响应在客户端会话中经过身份验证的人员的生日。在第二个版本中,客户端可以查询任何用户名(实际上是他们想要的任何用户名)并返回生日或“未找到”等。
提供两者的应用程序将使大多数开发人员都能获得生日当前用户的信息,以便它可以应用于该会话。扩展我的示例:用户登录时,开发人员希望能够获得“生日快乐”(如果适用)。服务/数据的所有者不希望开发人员的客户端对有关用户的任何内容(甚至是他们的登录)进行任何访问,无论是真实的还是概念上的,他们只是想满足开发人员的目标,因为这真的很好。开发人员不想对可能访问任何东西负责,他只是想表现得友善。
第二版可供某些用户支持小组使用。他们实际上需要查找打电话的用户的出生日期,以便确认用户的年龄是否足以租车。他们甚至可能需要查找多个用户,看看谁最有资格从该组中获得最优惠的价格。
所以我想最后一个大问题是这两种方法是否可以存在于同一个服务中?
此时,该协议更可能是基于 SOAP 的,然后是基于 RESTful 的,因此简单地使用解析为同一服务但仅提供不同方法的 URL 可能不是一种选择。
理想情况下,我需要的是一种根据角色在 WSDL 中显示操作的方法。显然,提供给任一组的文档只会反映适合该角色的操作,但理想情况下,开发人员/客户将 a) 不会看到任何他们不应该看到的操作,b) 会因尝试使用禁止的响应而收到相同类型的响应因为他们会是一个不存在的错误,并且c)最理想的情况是,收到前面提到的错误,因为对于他们的角色来说,操作实际上不存在,而不是因为服务采取了额外的预防措施,以防客户端尝试(它会这样做,仅供参考,但我不希望这是第一个也是唯一一个混淆级别)。
我正在做一个不可能实现的梦想吗?
快速附录
我意识到我应该更具体地说明这一点。当我说“基于角色”时,我指的是服务帐户,而不是用户帐户。因此,在我上面假设的情况下,用于查询任何用户 ID 的用户服务应用程序将使用一个具有特权的服务帐户来执行此操作,而不检查登录到会话的代理的角色(这将是显然是为了访问应用程序,但不是为了访问服务)。
I am trying to set up a (for now) really simple web service. By simple, I mean it only has a small amount of actual work to do on the code-side. It only really has one method/function: the client sends a user login, and the service responds with an otherwise very secure detail about the user (for the purposes of this question, let's say the user's birthday).
I have a lot of questions, but for now I'm wondering:
I am considering having two versions of this method. In version one, the client can only make a generic request with no variable information. The service will respond with birthday of whoever is authenticated in the client's session. In version two, the client is allowed to query any user name (so really, anything they want) and get back either the birthday or "Nothing found", etc.
The application of offering both would be so that most developers would get the birthdate of the current user so that it can be applied to that session. To extend my example: A user logs in, the developer wants to be able to have "Happy Birthday" if it is applicable. The owners of the service/data don't want the developer's client to have any access, real or conceptual, to anything about the user, even their log in, they just want to accommodate the developer's goal, as it is really nice. The developer doesn't want to be responsible for potentially having access to anything, he just wants to be nice.
Version two is available for some user-support groups. They actually need to look up birthdates of users who call in so that they can confirm that the user's are old enough to, let's say, rent a car. They may even have to look up multiple user's to see who is most eligible out of the group to get the best deal.
So I guess the big question, finally, is whether or not these two methods can exist in the same service?
The protocol, at this point, is more likely to be SOAP-based, then RESTful, so simply having URLs that both resolve to the same service but simply offer different methods is probably not an option.
What I need, ideally, is a way to reveal operations in the WSDL based on role. Obviously the documentation given to either group would reflect only the operation appropriate for the role, but ideally the developer/client would a) not see any operations they shouldn't and b) receive the same type of response for trying to use a forbidden response as they would a non-existent one and c) most ideally, receive the former-mentioned error because for their role the operation really DOESN'T exist, not because the service took extra precaution in case the client did try (which it will, FYI, but I don't want that to be the first and only level of obfuscation).
Am I dreaming the impossible dream?
Quick Addendum
I should have been more specific about this, I realize. When I say "role-based" I am referring to service-accounts, not user-accounts. So in my hypothetical situation above, the user-service app that would all for querying any user ID would be using one service-account with the privs to do so, not checking the role of the agent logged in to the session (which would be done to get to the app, obviously, but not to the service).
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
为什么不采用两种方法:
任何用户都可以调用第一种方法;只有特权用户才能调用第二种方法。您使用基于角色的授权并拒绝未经授权的用户对第二种方法的调用。
我不明白您为什么要根据角色隐藏 WSDL 中的方法。在许多情况下,您访问 WSDL 只是为了在开发环境中构建代理,并且在运行时不需要它。
Why not have two methods:
Any user can call the first method; only privileged users can call the second method. You use role-based authorization and reject calls to the second method from unauthorized users.
I don't see why you'd want to hide methods in the WSDL based on roles. In many cases you'll be accessing the WSDL only to build a proxy in a development environment, and won't need it at runtime.