使用Kerberos,Web API和MVC的示例项目 [英] Example Project Using Kerberos, Web API and MVC
问题描述
是否有完整的Visual Studio解决方案,其中包含带有使用Kerberos进行身份验证的MVC应用程序的项目.这样又调用一个ASP.Net Web API服务项目(在同一解决方案中),从而在服务调用(GetAsync或PostAsync)期间将凭据委派给该服务?
Is there a complete Visual Studio Solution containing a project with an MVC Application that authenticates using Kerberos. This in turn calls an ASP.Net Web API service project (in the same solution), delegating credentials to the service during a service call (either GetAsync or PostAsync)?
我在凭据方面存在一个特定问题,其中Web API项目中的模拟用户将作为运行MVC应用程序的服务帐户(而不是发出请求的用户)通过.我已经找到了解决特定问题的特定代码行或代码示例,但我确实在寻找一种可以将所有内容整合在一起的解决方案.
I am having a specific problem with credentials, where the impersonated user in the Web API project is coming through as the service account running the MVC application, not the user making the request. I have found examples of specific lines or code to fix specific problems, but I am really looking for a single solution that brings everything together.
我已经看到诸如 Pro ASP.NET Web API安全性和
I've seen resources such as Pro ASP.NET Web API Security and ASP.Net Web-API Security but none contain a full solution showing how to implement the authorization scheme for windows Authenticaiton, and specifically Kerberos.
我认识到这可能超出了所提出的常规问题,但是我更愿意提供完整的解决方案,而不是在可能的情况下发布特定的代码问题.
I recognize this may be a bit outside the normal questions asked, but I would prefer a full solution instead of posting a specific code question if possible.
推荐答案
当MVC Web应用运行初始查询时,用户身份将附加到处理请求的线程上.如果您进行异步Web服务调用,则远程调用将由没有附加到用户身份的线程池线程进行.您可以尝试传递对当前身份的引用(来自HttpContext)并进行模拟,但是似乎有些情况需要避免.
When the MVC web app runs the initial query, the user's identity is attached to the thread that handles the request. If you make an asynchronous web service call, the remote call is made by a thread pool thread that has no attachment to the user's identity. You could try passing a reference to the current identity (from the HttpContext) and impersonate, but it seems that there would be race conditions you would need to avoid.
当然,这是假设远程调用是同步进行的.你走了那么远吗?
Of course, this is assuming that the remote calls work when made synchronously. Have you gotten that far?
这篇关于使用Kerberos,Web API和MVC的示例项目的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
