实施基于声明的安全性(WCF/ASP.NET) [英] Implementing claims-based security (WCF/ASP.NET)
问题描述
在研究了基于声明的安全性(或联合安全性模型)主题之后.我遇到了许多使用 CardSpace 的示例.我读到的这篇文章对这个主题做了非常不错的解释,主要文章是 Zermatt .
After researching on the topic of claims-Based security (or a federated security model). I've been coming across many examples that use CardSpace as an example. The main article that I read that gave a really great explanation of the subject was a PDF by Microsoft on a framework called Zermatt.
The claims-based security architecture I'm looking into is the equivalent of implementing an STS Authentication Broker in combination with an STS Authorization Broker. This way, when I create a new service all I need to do is ensure that the service will only accept claims issued by the Authorization Broker. And as noted in the article, the Authorization Broker would only accept claims issued by the Authentication Broker.
设置后,无论何时客户端尝试使用新服务,客户都必须向 身份验证代理 进行身份验证(发出经过身份验证的声明),然后获得授权 授权代理 (发出授权索赔).
When that's setup, any time a client attempts to use the new service, it must authenticate with the Authentication Broker (issuing an authenticated claim) and then get authorized with the Authorization Broker (issuing an authorized claim).
这一切都很好而且花哨的而且体系结构很清楚,但是我看不到如何实现STS.正如我所提到的,网络上的大多数(如果不是全部)示例都显示了如何使用CardSpace,但是当您有数据库备份身份验证方案时,这种方法就无法正常工作.
This is all fine and dandy and the architecture is clear, but I don't see exactly how to implement an STS. As I mentioned, most (if not all) examples around the web are showing how to use CardSpace, but that doesn't exactly work when you have a database backing up your authentication scheme.
示例场景
替代文本http://img512.imageshack.us/img512/8329/claimsbasedsecurityza6 .jpg
推荐答案
我想我找到了答案:D
I think I found my answer :D
http://www.theserverside.net/tt/articles/showarticle.tss?id=ClaimsBasedSecurityModel http://www.theserverside.net/tt/articles/showarticle. tss?id = ClaimsBasedSecurityModel2
然后在PDC上发布了最新的Microsoft Geneva Framework.完美满足我的需求. (现在,如果仅将我自己的答案标记为答案:P)
And then there's the latest Microsoft Geneva Framework announced at PDC. Perfect for what I need. (now if only my own answer were marked as the answer :P)
http://www.microsoft.com/geneva
这篇关于实施基于声明的安全性(WCF/ASP.NET)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
