Authentication and Authorization in ASP.NET Core

Understanding the concepts of authentication and authorization

Before starting, we need to be clear about the difference between the two. Authentication happens when we access a data resource: we must present an identity, and the server takes that identity and matches it against a store. If a match is found, authentication succeeds.
Authorization determines whether you may access the resource you need: it depends on whether your identity has permission for that resource, and to get permission your identity must be granted it. The two actions therefore take place at different stages.

Put simply, the two combine into the process a visitor goes through to reach resources on a web server. First, the visitor must hold a login user, which is used to log in to the web server. The web server holds a list of visitors; only when the login user matches an entry in that list can the user access the web server. But to access resources, the login user must have the appropriate privilege level. For some confidential documents you need to apply for approval from an admin. This process is called authorization.

Authentication support in ASP.NET Core

services.AddAuthentication

In the ConfigureServices method of Startup.cs you can register the IAuthenticationService that the authentication middleware uses. The authentication service uses the registered authentication handlers to carry out the corresponding authentication logic. These registered authentication handlers are referred to as schemes. So in Startup.ConfigureServices we commonly see configuration like this:

services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
    .AddJwtBearer(JwtBearerDefaults.AuthenticationScheme, options => Configuration.Bind("JwtSettings", options))
    .AddCookie(CookieAuthenticationDefaults.AuthenticationScheme, options => Configuration.Bind("CookieSettings", options));

Several schemes are registered here. When authentication happens later, you can use a different scheme according to actual needs, and doing so is simple. For example, a controller that uses JWT authentication:

// Only the JWT bearer scheme is used to authenticate requests to this controller.
[Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme)]
public class MixedController : Controller
{
}

For details, refer to the Microsoft documentation:

Authorize with a specific scheme in ASP.NET Core

services.AddDefaultIdentity

If the project is an ASP.NET Core web MVC project created from the template with individual user accounts, we may see this registration in Startup.ConfigureServices:

services.AddDbContext<ApplicationDbContext>(options =>
    options.UseSqlServer(
        Configuration.GetConnectionString("DefaultConnection")));
services.AddDefaultIdentity<IdentityUser>(options => options.SignIn.RequireConfirmedAccount = true)
    .AddEntityFrameworkStores<ApplicationDbContext>();
services.AddRazorPages();

AddAuthentication is actually called inside AddDefaultIdentity, so there is no need to call it again separately.

app.UseAuthentication();

Either way, for the project to use the registered authentication service, the following must be called in Startup.Configure:

app.UseRouting();
app.UseAuthentication();
app.UseEndpoints(endpoints =>
{
    // Endpoint mappings go here; AddRazorPages was registered above.
    endpoints.MapRazorPages();
});

This adds it to the pipeline that handles HTTP requests. The relative order of these calls cannot be changed.

Some authentication-related terms

  • Scheme

A scheme is the kind of authentication you add, together with its configuration options, that is applied to the HTTP request. So AddJwtBearer adds JWT authentication, and AddCookie adds cookie authentication.

  • Challenge

This refers to the authentication step that is triggered when, for example, an anonymous user requests a restricted resource or clicks a restricted link. The authentication service issues the challenge according to the specified scheme or the default scheme. Typically, cookie-based authentication redirects the user to the login screen, and JWT-based authentication returns a 401 status code.

  • Forbid

Forbid occurs after the authentication phase has passed, when the authorization service determines whether the user has access to the resource. When the user does not have access, cookie-based authentication redirects the user to a page showing that the user has no permission to visit, and JWT-based authentication returns a 403 status code.
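
The authenticate, challenge and forbid steps described above, written out by hand for both registered schemes. This is an added example, not code from the original post; the controller name, the routes and the "Admin" role are assumptions.

```csharp
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.AspNetCore.Mvc;

// Hypothetical controller; the routes and the "Admin" role are assumptions.
public class ReportsController : Controller
{
    // Called by API clients that send "Authorization: Bearer <token>".
    [HttpGet("api/reports")]
    public Task<IActionResult> ForApi() =>
        Guard(JwtBearerDefaults.AuthenticationScheme);

    // Called by browsers that carry the sign-in cookie.
    [HttpGet("reports")]
    public Task<IActionResult> ForBrowser() =>
        Guard(CookieAuthenticationDefaults.AuthenticationScheme);

    private async Task<IActionResult> Guard(string scheme)
    {
        // Authentication: ask the named scheme's handler who the caller is.
        AuthenticateResult result = await HttpContext.AuthenticateAsync(scheme);
        if (!result.Succeeded)
        {
            // Challenge: JWT answers 401, cookie redirects to LoginPath.
            return Challenge(scheme);
        }

        // Authorization: the identity is known, now check what it may do.
        if (!result.Principal.IsInRole("Admin"))
        {
            // Forbid: JWT answers 403, cookie redirects to AccessDeniedPath.
            return Forbid(scheme);
        }

        return Ok($"Report list for {result.Principal.Identity?.Name}");
    }
}
```

In normal use the [Authorize] attribute performs this sequence for you; the explicit version only makes visible which handler produces the 401/403 or the redirects.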


Origin www.cnblogs.com/it-dennis/p/12486982.html