如何使用Web API来实现基于声明的身份验证? [英] How to implement Claims Based Authentication using Web API?
问题描述
我将要使用Web API,用于即将开展的项目,并问到的现有的STS提供融入式作为我的身份验证机制。因此,我的Web API将是(依赖方)的RP。我不需要任何支持,提供实际的令牌(如创作的STS提供商),只需要结合基于声明的身份验证配置的STS提供商和我的基于Web的API REST服务使用它。
I am going to be using Web API for an upcoming project and was asked to integrate an existing STS provider into the equation as my authentication mechanism. Therefore my Web API would be the RP (relying party). I don't need any support to provide the actual token (like creation of STS Provider), just need to incorporate claims based authentication to the configured STS provider and use it in my Web API REST based service.
有谁知道这是可能的,并就如何实现这一一些例子吗?我看到创建一个STS提供完整的例子,但就像我说的它已经存在。我只是需要信任它,并使用进行身份验证。
Does anyone know if this is possible, and some examples on how to implement this? I see full examples with creating a STS provider, but like I said it already exists. I just need to trust it and use for authentication purposes.
推荐答案
要看哪些协议现有的STS支持。你需要找到这一点。
Depends which protocols your existing STS supports. You need to find that out.
基本上,你需要这样做:
Basically you need to do this:
- 向您的STS令牌(从客户端应用程序内)
- 发送令牌到Web API
- 验证Web API里面令牌
您需要了解的事情是,如果1作品与您的自定义STS - 那么我们可以谈2和3;)
The thing you need to find out is if 1. works with your custom STS - then we can talk about 2 and 3 ;)
这篇关于如何使用Web API来实现基于声明的身份验证?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
