如何让授权使用ASP.NET MVC的RSS源？ [英] How to allow authorization to an rss feed using ASP.NET MVC?

问题描述

我们的店是从ASP.NET Web窗体到ASP.NET MVC转换我们的内部项目管理应用程序的过程。

Our shop is in the process of converting our internal project management application from ASP.NET Web Forms to ASP.NET MVC.

我要为我们自己的当前打开的问题的客户一个RSS feed ...但我想有一些类型的授权，例如这样做登录和密码。

I would like to provide an RSS feed for our customers of their current open issues ... but I would like to do so with some type of authorization, e.g. login and a password.

这可能使用ASP.NET MVC或这应该通过像WCF的一些其他服务做了什么？示例code将多AP preciated

Is this possible using ASP.NET MVC or should this be done through some other service like WCF? Sample code would be much appreciated.

推荐答案

我不知道的最好的方式，但可以想到几个，没有超极虽然。

I'm not sure of the best way, but can think of a few, none are super great though.

• 使用IIS WindowsAuthentication有基本保障，实现了验证方法，然后标记与授权过滤器RSS行动。如果他们使用的是RSS馈线不允许HTTP认证，你也应该能够做到的 HTTP：//用户名：password@mysite.com/controller/action/rss

为每个客户一个标记，并将其放置在url中的一部分：的http：/ /mysite.com/controller/action/rss/ {}令牌。这是不是很大。

Generate a token for each customer and place it in part of the url: http://mysite.com/controller/action/rss/{token}. This isn't that great.

把用户名/密码为路径的一部分： http://mysite.com /控制器/动作/ RSS / {名} / {}密码......这是pretty可怕虽然。

Put the username/password as part of the route: http://mysite.com/controller/action/rss/{username}/{password} ... this is pretty horrible though.

他们都有点闹心，因为密码（或令牌）的URL可见。也许这被认为是好的，如果它是http HTTPS而不是虽然。我觉得第一个选项+ HTTPS是pretty常见的有关系吗？

All of them kinda suck because the password (or token) is url visible. Maybe that is considered okay if it is https instead of http though. I think the first option + https is pretty common though?

这篇关于如何让授权使用ASP.NET MVC的RSS源？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！