在 ASP.net 中“正确"实现 OpenID- 会员资格或身份验证提供者? [英] Implementing OpenID in ASP.net "Properly" - Membership or Authentication Provider?
问题描述
有多种方法可以在 ASP.net 站点上使用 OpenID,但它们似乎都没有使用现有的成员身份和身份验证提供程序机制.
There are several ways to use OpenID on ASP.net sites, but none of them seem to use the existing mechanism of Membership and Authentication Providers.
我想知道创建仅依赖 OpenID 的站点的正确方法是什么?继续使用表单身份验证,但实现 SqlMembershipProvider 的一个变体,该变体根据 OpenID 进行查找?
I wonder what the proper way would be to create a site that solely relies on OpenID? Continuing to use Forms Authentication but implementing a variant of the SqlMembershipProvider that does the lookup against OpenID?
或者我会更深一层编写自己的 FormsAuthenticationModule 吗?这似乎有点过于简单,因为(据我所知)Forms Authentication 可以查找任何数据源.
Or would I go one level deeper and write my own FormsAuthenticationModule? That seems to be a bit too bare-bones, as (to my knowledge) Forms Authentication can looked up against any data source.
或者还有第三种方法,保留 FormsAuthenticationModule 但让它根据 OpenID 进行查找?
Or is there a third way, keeping the FormsAuthenticationModule but making it do the lookup against OpenID?
因为这是针对 ASP.net MVC 应用程序,所以我没有使用内置的登录 WebForms 控件,如果这有所不同的话.
As this is for an ASP.net MVC application I have no use for the built-in Login WebForms Controls if that makes a difference.
推荐答案
ASP.NET 定义的 Membership API 根本不适合 OpenID,这可能是您没有看到许多系统使用它的原因.我还没有看到需要将 Membership 提供程序与 OpenID 一起使用,所以它并没有真正成为一个问题.http://code 是一个尝试使成员资格提供程序模型适合 OpenID 的项目.google.com/p/dotnet-membership-provider/,但最近似乎没有维护.
The Membership API that ASP.NET defines doesn't fit well at all with OpenID, which is probably why you don't see many systems using it. I haven't seen a need to use the Membership provider with OpenID yet, so it hasn't really become an issue. One project that attempted to make the Membership provider model fit with OpenID is http://code.google.com/p/dotnet-membership-provider/, but it doesn't look like it's been maintained recently.
正如womp 所说,您不需要重做FormsAuthenticationModule.它与 OpenID 完美配合.
As womp said, you don't need to redo the FormsAuthenticationModule. It works perfectly well with OpenID.
查看随附的项目模板DotNetOpenAuth 以了解没有会员资格提供商的情况如何运作.
Check out the project templates that come with DotNetOpenAuth to see how things can work without the membership provider.
这篇关于在 ASP.net 中“正确"实现 OpenID- 会员资格或身份验证提供者?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
