OpenRasta - Scott Littlewoods 基本身份验证工作示例

发布于 2024-10-01 09:22:51 字数 2290 浏览 4 评论 0原文

我正在测试使用 OpenRasta 作为 ASP.NET MVC 的可行替代方案的可行性。 但是,我遇到了有关身份验证的绊脚石。

让我澄清一下,此时“开放式摘要身份验证”不是一个选项

我读到 Scott Littlewood 为 OpenRasta 创建了一个基本的身份验证分支,我已经从 git 下载了源代码并成功构建了它。

我现在正在尝试让身份验证工作,所以如果有人有一个真正的工作模型,我将非常感激。这是我到目前为止所做的:

//Authentication.cs
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using OpenRasta;
using OpenRasta.Configuration;
using OpenRasta.Authentication;
using OpenRasta.Authentication.Basic;
using OpenRasta.Configuration.Fluent;
using OpenRasta.DI;

namespace myOpenRastaTest.Extensions
{
    public static class ExtensionsToIUses
    {
        public static void BasicAuthentication<TBasicAuthenticator>(this IUses uses) where TBasicAuthenticator : class, IBasicAuthenticator
        {
            uses.CustomDependency<IAuthenticationScheme, BasicAuthenticationScheme>(DependencyLifetime.Transient);

            uses.CustomDependency<IBasicAuthenticator, TBasicAuthenticator>(DependencyLifetime.Transient);
        }
    }

    public class CustomBasicAuthenticator : IBasicAuthenticator
    {
        public string Realm { get { return "stackoverflow-realm"; } }

        public CustomBasicAuthenticator()
        {            
        }

        public AuthenticationResult Authenticate(BasicAuthRequestHeader header)
        {
            /* use the information in the header to check credentials against your service/db */
            if (true)
            {
                return new AuthenticationResult.Success(header.Username);
            }

            return new AuthenticationResult.Failed();
        }
    }
}

现在为了测试它,我刚刚在 HomeHandler.cs 中创建了一个 CustomBasicAuthenticator 实例:

//HomeHandler.cs
using System;
using myOpenRastaTest.Resources;

namespace myOpenRastaTest.Handlers
{
    public class HomeHandler
    {
        public object Get()
        {
            var custAuth = new myOpenRastaTest.Extensions.CustomBasicAuthenticator();

            return new HomeResource();
        }
    }
}

所以,我需要知道下一步需要采取什么步骤,因此我要求一个真正的工作的原因模型而不仅仅是理论答案,因为我两天前刚刚偶然发现了这个框架,可能不知道所有的 OpenRasta 框架,你可能会向我扔回 RESTful 术语:)

一旦我掌握了身份验证,我就会有一个很好的指示,说明如何继续评估是否将现有的 ASP.NET 原型门户移植到 OpenRasta。

提前致谢...

I'm testing out the feasibility of using OpenRasta as a viable alternative to ASP.NET MVC.
However, I've run into a stumbling block regarding authentication.

Let me be clear, "Open Digest Authentication" is NOT an option at this point.

I've read that Scott Littlewood created a basic authentication fork for OpenRasta and I've downloaded the source from git and successfully built it.

I'm now trying to get the authentication working, so if someone has a real working model, I would be very grateful. Here's what I've done so far:

//Authentication.cs
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using OpenRasta;
using OpenRasta.Configuration;
using OpenRasta.Authentication;
using OpenRasta.Authentication.Basic;
using OpenRasta.Configuration.Fluent;
using OpenRasta.DI;

namespace myOpenRastaTest.Extensions
{
    public static class ExtensionsToIUses
    {
        public static void BasicAuthentication<TBasicAuthenticator>(this IUses uses) where TBasicAuthenticator : class, IBasicAuthenticator
        {
            uses.CustomDependency<IAuthenticationScheme, BasicAuthenticationScheme>(DependencyLifetime.Transient);

            uses.CustomDependency<IBasicAuthenticator, TBasicAuthenticator>(DependencyLifetime.Transient);
        }
    }

    public class CustomBasicAuthenticator : IBasicAuthenticator
    {
        public string Realm { get { return "stackoverflow-realm"; } }

        public CustomBasicAuthenticator()
        {            
        }

        public AuthenticationResult Authenticate(BasicAuthRequestHeader header)
        {
            /* use the information in the header to check credentials against your service/db */
            if (true)
            {
                return new AuthenticationResult.Success(header.Username);
            }

            return new AuthenticationResult.Failed();
        }
    }
}

Now to test it I just created an instance of CustomBasicAuthenticator in my HomeHandler.cs:

//HomeHandler.cs
using System;
using myOpenRastaTest.Resources;

namespace myOpenRastaTest.Handlers
{
    public class HomeHandler
    {
        public object Get()
        {
            var custAuth = new myOpenRastaTest.Extensions.CustomBasicAuthenticator();

            return new HomeResource();
        }
    }
}

So, I need to know what steps i need to take next, hence the reason for me asking for a real working model and not just theory answers since I've just stumbled upon the framework 2 days ago and might not know all the OpenRasta framework,RESTful lingo that you might throw back at me :)

Once I get a grasp of authentication, I'll have a good indication as to how to proceed with my evaluation of whether to port an existing asp.net prototype portal to OpenRasta or not.

Thanks in advance...

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(2

拥抱我好吗 2024-10-08 09:22:51

我有一个使用新的 OpenRasta 身份验证流程的示例应用程序,目前仅支持 BASIC 身份验证。

插入不同的身份验证方案应该非常简单,但我最近没有时间这样做。

请参阅此 github 讨论以供将来参考: https://github.com/scottlittlewood/openrasta -stable/commit/25ee8bfbf610cea17626a9e7dfede565f662d7bb#comments

有关工作示例,请在此处查看代码:https://github。 com/scottlittlewood/OpenRastaAuthSample

希望这有帮助

I have a sample application using the new OpenRasta authentication process that ONLY supports BASIC authentication at the moment.

Plugging in different authentication schemes should be quite straight forward but I haven't had the time recently to do this.

See this github discussion for future reference: https://github.com/scottlittlewood/openrasta-stable/commit/25ee8bfbf610cea17626a9e7dfede565f662d7bb#comments

For a working example checkout the code here: https://github.com/scottlittlewood/OpenRastaAuthSample

Hope this helps

三寸金莲 2024-10-08 09:22:51

一旦您进行了身份验证,您就需要通过对资源处理程序之一进行授权来触发它,例如,您可以通过在其上添加 RequiresAuthentication 属性来实现这一点。

您可以查看该属性的代码,了解如何自行实现自定义授权。

Once you have an authentication in place, you need it to be triggered by having authorization on one of your resource handlers, which you can do by adding a RequiresAuthentication attribute on it for example.

You can have a look at the code for that attribute to see how to implement custom authorization yourself.

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文