使用Web API服务为中心认证点 [英] Using a Web API Service as Central Authentication Point
问题描述
我很新的身份管理世界,所以请饶了我吧。 :)
I'm very new to the identity management world, so please spare me. :)
我想什么做的,就是有跟单个Web API应用给他们的用户进行身份验证多个客户(MVC)应用程序。在该Web API应用,我想用ASP.NET身份跟一个数据库用户。
What I would like to do, is to have multiple client (MVC) applications that talk to a single Web API application to authenticate their users against. In that Web API application, I would like to use ASP.NET Identity to talk to a database with users.
这样的话,我可以使用SSO的客户端应用程序(我猜)。
That way, I could use SSO for the client applications (I guess).
这是否有意义?可能有人帮助我对我的方式来实现这个链接(也欢迎当然)?
我不知道是否 IdentityServer 能帮助我,我想要什么?
Does that make sense? Could someone help me on my way to implement this (links are also welcome of course)? I don't know if IdentityServer could help me with what I want?
而作为一个侧面的问题:当我可以实现这一点,我想顺便说一下,我该如何处理同源策略
And as a side question: when I could implement this the way I would like to, how do I deal with the same-origin policy?
推荐答案
感谢您的所有帮助。 :)
Thank you for all the help. :)
我做了一些研究自己在过去的几个月里,我学到了很多关于身份管理的东西。许多也感谢你们从IdentityServer(和他们的其他项目)。
I did some research myself during the last few months and I learnt a lot about the identity management stuff. Many of that also thanks to the guys from IdentityServer (and their other projects).
我终于做了以下(很简单):
What I finally did was the following (very briefly):
- IdentityServer 是用作所有客户端应用程序的供应商。饼干和OIDC中间件被使用。
- 我用 ASP.NET用户身份的服务给用户存储在一个SQL Server数据库。 (该IdentityServer配置也通过存储在数据库中的方式。)
- 我设置使用用户配置的ASP.NET用户身份管理器(修改密码,创建新用户,...)的Web API服务。它采用承载认证与IdentityServer的应用程序提供商。
- 作为一个方面说明, IdentityManager 是作为内部管理工具来管理所有的用户。
- IdentityServer is used as a provider for all client applications. The cookie and OIDC middleware are used.
- I used the ASP.NET Identity user service to store the users in an SQL Server database. (The IdentityServer configuration is by the way also stored in a database.)
- I set up a Web API service that uses the ASP.NET Identity user manager for user configuration (change password, create new users, ...). It uses bearer authentication with the application with IdentityServer as provider.
- As a side note, IdentityManager is used as an internal admin tool to manage all the users.
如果有人正在寻找一些帮助建立他/她的身份管理系统(并且认为我可以帮助):请询问。 ;)
If anyone is looking for some help setting up his / her identity management system (and thinks I can help): please ask. ;)
这篇关于使用Web API服务为中心认证点的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
