Authenticating to a WCF service
There seems to be a plethora of resources out there on how to do this, but I haven't really been able to find anything to exactly do what I want to do. I'm trying to create a WCF web service that will require users to authenticate to be able to do anything (call methods, see WSDL, etc.). The authentication would be a custom piece I would write to connect to our LDAP server. I'd like to use forms authentication as I don't want the client to have to re-authenticate on each request. I'd like the service to just send a Forms Auth ticket cookie to the client which the client can send back for future requests (I'm ok with kludging this for client environments that don't support cookies, e.g. mobile app). However, on the service side I need to be able to in memory store data for each user that keeps a cached copy of the user's authentication groups (to avoid making repeated calls to the LDAP server), that could be easily looked up using just the Forms Auth ticket. I'm fairly new to WCF and Forms Authentication so I would appreciate it if you wouldn't skip over the "simple" things. Thanks!
Comments (1)
It seems to me that you need to set up a Secure Token Service (STS) that will take care of the authentication. An STS can expose an LDAP or SQL table if you like.
Other alternatives can be Windows Azure ACS, which allows you to federate against many different identity providers like Facebook and Google.
If your authentication source is Active Directory, then ADFS is the way to go.