声明与OAuth之间的区别 [英] Difference between Claims vs OAuth

问题描述

基于声明的身份验证与OAuth提供的身份之间有什么区别。

我在寻找概念差异而不是技术差异。

基于声明的身份验证是Microsoft提出的，它建立在WS-Security的基础上。但是OAuth更像是一种开放源协议，被提议允许基于安全令牌从不同的门户获取资源。

索赔也具有令牌的概念（SAML编码或X509证书）。

我试图了解何时选择OAuth上的Claims，反之亦然。

谢谢

解决方案

基于声明的身份是一种脱钩的方式您的应用程序代码来自特定的身份协议（例如SAML，Kerberos，WS-Security等）。它不仅适用于Web应用程序，而且作为名为 WIF 的.NET库/框架实现。 / p>

OAuth是一种特定的协议，通过该协议，一个网站可以获得用户的同意，以访问其在另一个网站上的私人数据。

选择一种或另一种并不是真正的情况，实际上它们是互补的。如果您要构建通过WIF执行OAuth的.NET Web应用，则可能一次可以使用这两种方法。

What is the difference between Claims based authentication vs What is provided by OAuth.

I am looking for conceptual difference and not technical difference. When do I choose Claims over OAuth and vice versa.

Claims based authentication is proposed by Microsoft and build on top of WS-Security. But OAuth is more a open source protocol that is being proposed to allow fetching resources from different portals based on a security token.

Claims also has this concept of token (SAML encoded or X509 certificates).

I am trying to understand when do I choose Claims over OAuth and vice versa.

Thanks

解决方案

Claims-based identity is a way of decoupling your application code from the specifics of identity protocols (such as SAML, Kerberos, WS-Security, etc). It is not only for web applications and is implemented as a .NET library / framework called WIF.

OAuth is a specific protocol by which one web site can obtain user consent to access their private data on another web site.

It is not really the case that you would choose one or the other, in fact they are complementary. Potentially you could use both at once, if you were building a .NET web app that performed OAuth via the WIF.

这篇关于声明与OAuth之间的区别的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！