在REST实施保安？ [英] Implementing Security in REST?

问题描述

我关注如何落实安全措施，可能它是身份验证或授权..
如何这些实施..如果你有，你可以与问候WCF REST 4.0安全共享，如果你已经实现，也更好的想法或链接。因为香港专业教育学院一直试图找出此主题的所有我觉得是如何使用3.5和更低的版本，这似乎是从样品中我看到的4.0，我试过，但在实施它没有意义不同，它执行的信息。

I am concerned on how to implement security measures may it be Authentication or Authorization.. How can these be implemented.. if you have any thoughts or links that you can share with regards to WCF REST 4.0 Security and if you've implemented it also the better. because ive been trying to find out on this topic all i find is information on how to implement it using 3.5 and lower versions which seem to be different from the samples i see for 4.0 which i tried but did not make sense while implementing it.

感谢您

推荐答案

您可能想探索这个解决方案WCF REST，它是一个自定义的用户数据库实现基本身份验证的拦截器。

You might want to explore this solution for WCF REST, it is a interceptor for implementing basic authentication with a custom user database.

<一个href=\"http://weblogs.asp.net/cibrax/archive/2009/03/20/custom-basic-authentication-for-restful-services.aspx\" rel=\"nofollow\">http://weblogs.asp.net/cibrax/archive/2009/03/20/custom-basic-authentication-for-restful-services.aspx

这是拦截器与验证用户输入密码，并初始化当前主体，所以你可以，如果你想有一个逻辑的东西跨多个服务重用的使用从服务本身，一个做授权或实施IAuthorizationManager。

That interceptor authenticates the user with a password, and initializes the current principal, so you can use that one from the service itself for doing authorization or implement an IAuthorizationManager if you want to have that logic as something reusable across several services.

您还会发现在我的博客的一些其他身份验证方法，如证书认证或OAuth的，这是不常见的。

You will also find some other authentication methods in my blog, like certificate authentication or OAuth, which are less common.

谢谢
巴勃罗。

Thanks Pablo.

这篇关于在REST实施保安？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！