Silverlight的用户身份验证 [英] Silverlight user authentication
问题描述
我目前正在开发一个Silverlight 3应用程序,需要某种形式的用户身份验证,因为从WCF服务拉着数据是特定的用户。目标受众是经常上网 - 所以没有向AD进行身份验证
下面是一些我曾经就这种情况的问题:
- 是否有一个框架或其他机制,会支持我吗?
- 你会推荐Silverlight应用程序内或通过类似形式的权威性之外的机制认证?哪个更安全?
- 怎么样外的浏览器支持?
解决方案
我用ASP.NET的验证
然后去<一个href=\"http://www.silverlightshow.net/items/Accessing-the-ASP.NET-Authentication-Profile-and-Role-Service-in-Silverlight.aspx\" rel=\"nofollow\">http://www.silverlightshow.net/items/Accessing-the-ASP.NET-Authentication-Profile-and-Role-Service-in-Silverlight.aspx检查出如何可以公开的认证服务。
然后在你的WCF服务,你做以下(在ASP中托管):
公共类MyWCFService:IMyWCFService
{
//从检索的MembershipProvider用户标识
私人诠释GetUserId()
{
的MembershipUser用户= Membership.GetUser();
INT用户id =(INT)user.ProviderUserKey;
返回用户id;
} //检查用户是否通过验证
私人布尔IsUserAuthenticated()
{
返回HttpContext.Current.User.Identity.IsAuthenticated;
} 公共无效订阅()
{
如果(!IsUserAuthenticated())
{
抛出新SecurityException异常(你必须通过身份验证才能使用这项服务。);
} INT用户id = GetUserId();
DoStuff(用户ID);
}
}
希望有所帮助。
I am currently developing a Silverlight 3 app that needs some sort of user authentication, because the data pulled from a WCF service is user specific. Target audience is the regular Internet - so there is no AD to authenticate against.
Here are some of the questions I have concerning that situation:
- Is there a framework or other mechanism that would support me?
- Would you recommend authentication within the Silverlight app or via outside mechanisms like forms auth? Which is more secure?
- What about out-of-browser support?
I used ASP.NET's authentication. Just use a MembershipProvider (or implement your own). Then go to http://www.silverlightshow.net/items/Accessing-the-ASP.NET-Authentication-Profile-and-Role-Service-in-Silverlight.aspx to check out how you can expose the authentication service.
Then in your WCF service, you do the following (hosted in ASP):
public class MyWCFService : IMyWCFService
{
// retrieve your UserId from the MembershipProvider
private int GetUserId()
{
MembershipUser user = Membership.GetUser();
int userId = (int)user.ProviderUserKey;
return userId;
}
// check if user is authenticated
private bool IsUserAuthenticated()
{
return HttpContext.Current.User.Identity.IsAuthenticated;
}
public void Subscribe()
{
if (!IsUserAuthenticated())
{
throw new SecurityException("You must be authenticated to be able to use this service.");
}
int userId = GetUserId();
DoStuff(userId);
}
}
Hope that helps.
这篇关于Silverlight的用户身份验证的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!