我想在 Clickonce 部署网页上制作一个登录表单,
并且只允许经过身份验证的用户下载该应用程序。
我希望下载的应用程序使用在网页上输入的相同凭据,
而不提示用户再次输入凭据。
详情:
我有一个应用程序(Windows 客户端),需要针对不同用户进行自定义设置。
该应用程序通过 ClickOnce 部署。
目前,用户会获得 ClickOnce 网页 URL,然后从那里下载应用程序。
下载并运行应用程序后,应用程序会提示用户使用登录表单。
如果他们的凭据经过身份验证,应用程序将根据给定的凭据从服务器的数据库加载自定义设置。
问题是,任何未经身份验证的用户只要知道该应用程序就可以下载该应用程序
ClickOnce 部署网页的 URL。
未经身份验证的用户无论如何都无法运行该应用程序,因为该应用程序
启动时要求提供凭据,但我想完全阻止未经身份验证的用户下载该应用程序。
网页需要为每个用户定制,因此需要在网页上登录。
也许我问错了问题?
英语不是我的母语,所以请理解。
非常感谢您的帮助!
I want to make a login form at the Clickonce deployment webpage,
and only allow the authenticated users to download the application.
and I want the downloaded application to use the same credentials entered at the webpage,
without prompting the users to enter the credentials again.
Details:
I have an application(Windows Client) which needs customized settings for different users.
the application is deployed through ClickOnce.
Currently, the users are given the ClickOnce webpage URL, then download the application from there.
after download and running the application, the application prompts users with a login form.
If their credentials are authenticated, the application loads the customized settings from the server's database according to the credentials given.
The problem is, any unauthenticated users can download the application if they just know the
ClickOnce deployement webpage's URL.
Unauthenticated users won't be able to run the application anyways, because the application
asks for credentials when started, but I want to prevent the unauthenticated users from downloading the application at all.
The webpage needs to be customized for each users, so the login at the webpage is necessary.
Am I asking the wrong question maybe?
English is not my native language so please understand.
Your help is much appreciated!
发布评论
评论(2)
只需在您的 Windows 应用程序中实现安全性即可。如果用户在没有对您的网络服务进行身份验证的情况下无法使用它,那么他们就没有必要下载该应用程序。我觉得没有必要再验证两次。
Just implement security in your windows application. If users cannot use it without authenticating against your web services, then there is no use of them downloading the app. I feel there is no need to authenticate them twice.
嗯嗯。与您在 MSDN ClickOnce 论坛中获得的答案几乎相同。 Windows 身份验证或什么都没有。 ;-)
关于链接的答案——我不会使用查询参数。任何人都可以输入 C/O 应用程序的链接并添加查询参数。
祝你好运!
Hmmmm. Pretty much the same answers you got in the MSDN ClickOnce forum. Windows authentication or nothing. ;-)
Regarding the answer with the link -- I wouldn't use query parameters. Anybody can type in the link to the C/O application and add the query parameters.
Good luck!