仅提供一次性服务客户端凭据？ [英] Provide only one time service client credentials ?

问题描述

我正在尝试使用成员资格提供程序配置wcf安全性（身份验证/授权）。对于基于角色和身份验证，我已成功配置它。一切都很好。我有几个问题，并在一两天内做谷歌，但无法找到解决方案。

我的问题是当我通过添加服务引用来调用服务然后以这种方式调用。

Hi,

I am trying to configure wcf security (authentication / authorization ) with membership provider. For role based and authentication i have successfully configured it. All is working fine. I have few questions and doing google from one to two days but cant find a solution.
My question is when i call a service by adding service refrence and then call in this way.

var client = new Service1Client();
               client.ClientCredentials.ServiceCertificate.Authentication.CertificateValidationMode = System.ServiceModel.Security.X509CertificateValidationMode.None;

               client.ClientCredentials.UserName.UserName = "username";
               client.ClientCredentials.UserName.Password = "password";

一切正常。我担心的是每次调用wcf服务时都必须提供凭据。或者是否有任何机制可以对用户进行一次身份验证，然后再使用此经过身份验证的用户而无需再次提供凭据。

其次，我正在使用带证书的服务有没有办法在不使用证书的情况下使用身份验证/授权。

第三，对于身份验证这段代码工作正常精细。是否足够或我必须制作一些其他服务，然后制作自定义验证器以验证用户名和密码。

< usernameauthentication usernamepasswordvalidationmode =MembershipProvidermembershipprovidername =DefaultMembershipProvider>

先谢谢。

All is working fine. My concern is do i have to give credentials each time when i call the wcf service. Or is there any mechanism to authenticate one time the user and later use this authenticated user without giving credentials again.
Secondly, i am using the service with certificate is there any way to use authentication/authorization without the use of certificate.
Third, for authentication this piece of code is working fine. Is it enough or i have to make some other service and then make custom validator to validate the user name and password.
<usernameauthentication usernamepasswordvalidationmode="MembershipProvider" membershipprovidername="DefaultMembershipProvider">
Thanks in advance.

推荐答案

你好sajid zafar_Iqbal



目前你正在使用Direct在调用服务之前始终需要凭据的身份验证。



如果您询问专业知识，那么只会建议您使用Brokered Authentication机制，您必须发送您的凭据一次，在恢复时，您将获得令牌号码和您在消费时必须发送给服务的相同令牌号码。然后服务将验证令牌，如果令牌生命周期有效，那么服务将执行您的请求。



其他人告诉我使用它，因为他们使用称之为一次验证。



但在我看来，没有一次验证存在。在直接身份验证中，我们始终使用凭证，但在Brokered Authentication中，我们从第三方获取令牌，然后每次我们将该令牌发送到服务时。



在这两种情况下都存在验证。然后我们怎么说我们只有一次验证。



如果可能的话，请通过Direct&Brokered Authentication来完成。你会得到正确的答案。



如果我的帖子已经解决你的问题，请告诉我。



问候

Anil Shah

Hello sajid zafar_Iqbal

Currently you are using Direct Authentication which is always requires a Credential before calling the service.

If you ask to expertise then then will simply suggest you that use the Brokered Authentication mechanism where you have to send your Credential once and in revert of that you will get a Token number and the same token number you have to send to Service while consuming. then Service will validate the token and if token Life cycle is valid then service will execute your request.

I have been told by other guys to use this as they use to call it One time authentication.

But in my opinion, there is no one time authentication exists. as in Direct Authentication we always use Credential but in Brokered Authentication we get the Token from Third party then every time we are sending that token to service.

In both case Validation exists. Then how we can say that we have only one time authentication.

If possible for you then kindly go through with Direct & Brokered Authentication. You will get the proper answer.

Let me know if my post has resolve your query or not.

Regards
Anil Shah

这篇关于仅提供一次性服务客户端凭据？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！