wcf数据服务安全配置
我正在设置 WCF 数据服务 Web 服务,并尝试整理安全配置。尽管有很多用于配置 WCF 安全性的文档,但其中很多似乎已经过时或不适用于我的场景。
最终,我计划通过 更改拦截器来管理操作授权。因此,我真正需要的是最简单的方法来允许客户端将凭据与请求一起传递,并能够针对 AD 或 ASP.NET 成员资格提供程序对这些凭据进行身份验证(我更喜欢后者,除非它使事情要复杂得多)。
我打算在传输级别(即 HTTPS)管理加密。
我希望最终的解决方案不涉及庞大的 web.config。同样,我更愿意避免出于身份验证的目的编写自定义代码。
I'm in the process of setting up a WCF Data Services web service and I'm trying to sort out the security configuration. Although there's quite a lot of documentation out there for configuring WCF security, a lot of it seems to be outmoded or does not apply to my scenario.
Ultimately, I am planning on managing authorization of operations via change interceptors. Thus, all I really need is the simplest way to permit a client to pass credentials along with a request and to be able to authenticate those credentials against either AD or an ASP.NET membership provider (I'd much prefer the latter unless it makes things much more complicated).
I'm intending to manage encryption at the transport level (i.e. HTTPS).
I'm hoping that the eventual solution does not involve a huge web.config. Likewise, I'd much prefer to avoid writing custom code for the purpose of authentication.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
在以下链接中,您可以看到一系列 OData 身份验证选项。如果您不确切知道自己想要什么,那么这是一个很好的起点,看看您有什么选择。
In the following links you have a series of OData authentication options. If you don't know exactly what you want then that is a really good place to start and see what options you have.