zoukankan      html  css  js  c++  java
  • Asp.net core authentication

    CONCEPTS:

    Authentication is responsible for identify/authenticate a user

    Authorization is responsible for checking the authenticated use's access to a restricted resource.

    Claims are key-value pair discriptions to representing a user(we can call the use pricipal), describing the user's properties.For  example, a claims set may looks like: {name:wyman,role:admin,department:it}

    Identity represents ....

    Authentication Scheme: types of authentication,like JWT,cookie and others.

    USAGE:

    Authentication middleware is added into the asp.net core pipeline in the Confure Method in Startup.cs class, by calling the UseAuthentication() method.

    Authencation Service is used by the Authentication middleware, and it's registered in the ConfigureServices method by calling the AddAuthentication() extend method of IServiceCollection.

    IAuthencationHandler is where the authentication work to be done.  there're three core methods :

    AuthenticateAsync(): is the method responsible for authenticate a use, 

    ChallengeAsync(): how to react when a unauthenticated user tries to access the stricted resource, depending on the specified authentication scheme, for example, JWTAuthentication will response a 401 header to the client, and CookieAuthentication may redirect client to the login page.

    ForbidAsync: how to react when a authenticated user tries to access restricted resouce without permission.

     IAuthenticationHandler 

  • 相关阅读:
    洛谷 P1019单词接龙
    洛谷 P1091合唱队列
    洛谷 P1141 01迷宫
    洛谷 P1101单词方阵
    NOIP要炸?
    洛谷 P1219八皇后
    洛谷 P1181数列分段Section I
    刷普及-刷爆了。。。。。。
    洛谷 P3952时间复杂度 (本地AC测评RE的伪题解)
    动态数码管
  • 原文地址:https://www.cnblogs.com/lwhkdash/p/14698230.html
Copyright © 2011-2022 走看看