在多个服务中使用Oauth票证吗? [英] Using Oauth tickets across several services?
问题描述
我目前有一对基于OWIN的服务,每个服务都针对同一组用户使用OAuth身份验证.我打算隔离授权服务器(即令牌端点),并以某种方式将我的两个服务都配置为接受此令牌.我认为这将涉及到我所有服务的一些配置,以允许在所有相关服务中对该令牌进行解密.这可能吗?
I currently have a pair of OWIN-based services that each use OAuth authentication against the same set of users. I intend to isolate the authorisation server (i.e. The token endpoint) and somehow configure both of my services to accept this token. I assume this would involve some configuration of all my services to allow this token to be decrypted across all relevant services. Is this possible?
推荐答案
Katana OAuth2授权服务器中间件并不是为这种情况而设计的(主要是因为它依赖于机器密钥来进行令牌验证).
The Katana OAuth2 Authorization Server middleware wasn't really designed for this scenario (mainly because its reliance upon the machinekey for token verification).
如果您希望集中化令牌的生成,则应考虑为此目的设计的OAuth2授权服务器. Thinktecture AuthorizationServer是执行此操作的开源服务器: http://thinktecture.github.io/Thinktecture.AuthorizationServer /
If you're looking to centralize the token generation then you should look into an OAuth2 authorization server that's designed for this. Thinktecture AuthorizationServer is an open source server that does this: http://thinktecture.github.io/Thinktecture.AuthorizationServer/
这篇关于在多个服务中使用Oauth票证吗?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
