I'm testing out the feasibility of using OpenRasta as a viable alternative to ASP.NET MVC. However, I've run into a stumbling block regarding authentication.
Let me be clear, "Open Digest Authentication" is NOT an option at this point.
I've read that Scott Littlewood created a basic authentication fork for OpenRasta and I've downloaded the source from git and successfully built it.
I'm now trying to get the authentication working, so if someone has a real working model, I would be very grateful. Here's what I've done so far:
//Authentication.cs
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using OpenRasta;
using OpenRasta.Configuration;
using OpenRasta.Authentication;
using OpenRasta.Authentication.Basic;
using OpenRasta.Configuration.Fluent;
using OpenRasta.DI;
namespace myOpenRastaTest.Extensions
{
public static class ExtensionsToIUses
{
public static void BasicAuthentication<TBasicAuthenticator>(this IUses uses) where TBasicAuthenticator : class, IBasicAuthenticator
{
uses.CustomDependency<IAuthenticationScheme, BasicAuthenticationScheme>(DependencyLifetime.Transient);
uses.CustomDependency<IBasicAuthenticator, TBasicAuthenticator>(DependencyLifetime.Transient);
}
}
public class CustomBasicAuthenticator : IBasicAuthenticator
{
public string Realm { get { return "stackoverflow-realm"; } }
public CustomBasicAuthenticator()
{
}
public AuthenticationResult Authenticate(BasicAuthRequestHeader header)
{
/* use the information in the header to check credentials against your service/db */
if (true)
{
return new AuthenticationResult.Success(header.Username);
}
return new AuthenticationResult.Failed();
}
}
}
Now to test it I just created an instance of CustomBasicAuthenticator in my HomeHandler.cs:
//HomeHandler.cs
using System;
using myOpenRastaTest.Resources;
namespace myOpenRastaTest.Handlers
{
public class HomeHandler
{
public object Get()
{
var custAuth = new myOpenRastaTest.Extensions.CustomBasicAuthenticator();
return new HomeResource();
}
}
}
So, I need to know what steps i need to take next, hence the reason for me asking for a real working model and not just theory answers since I've just stumbled upon the framework 2 days ago and might not know all the OpenRasta framework,RESTful lingo that you might throw back at me :)
Once I get a grasp of authentication, I'll have a good indication as to how to proceed with my evaluation of whether to port an existing asp.net prototype portal to OpenRasta or not.
Thanks in advance...
I have a sample application using the new OpenRasta authentication process that ONLY supports BASIC authentication at the moment.
Plugging in different authentication schemes should be quite straight forward but I haven't had the time recently to do this.
See this github discussion for future reference: https://github.com/scottlittlewood/openrasta-stable/commit/25ee8bfbf610cea17626a9e7dfede565f662d7bb#comments
For a working example checkout the code here: https://github.com/scottlittlewood/OpenRastaAuthSample
Hope this helps
Once you have an authentication in place, you need it to be triggered by having authorization on one of your resource handlers, which you can do by adding a RequiresAuthentication attribute on it for example.
You can have a look at the code for that attribute to see how to implement custom authorization yourself.
来源:https://stackoverflow.com/questions/4127764/openrasta-scott-littlewoods-basic-authentication-working-example