问题
I created an ASP.NET MVC 4 Internet Web Application using Simple Membership db for storing users, roles and profiles.
In my app I created a Web API controller that will respond to the http:// 127.0.0.1/api/users and this call will return a list of all users stored in the db as JSON.
The UsersController is decorated with [Authorize] attribute therefore any call to the http:// 127.0.0.1/api/users have to be authenticated.
On the main page I have a button that once pressed a jQuery ajax get request is performed and will show the list of users returned by the Web API (json).
If I am logged in and I press the button, everything works fine ... the list of users is retrieved and shown.
If I am not logged in, the message show is 401 - Unauthorized (custom message in jquery call statusCode) so it works as it should because of the [Authorize] attribute.
My question: How can I authenticate when a Web API makes a request to it, to get the list of users and show them from a Windows 8 app or Windows Phone 8 or Windows Forms for example? In other words, from a client other than the web browser?
回答1:
You should make another api, that checks the authentication from the Windows 8 app or Windows.
If its pass successfully from the authentication, then only you have to show user list to the client.
回答2:
That depends on how you're coding your app, but basically, you'll use http protocol for this. Take a look at ASP.NET MVC - HTTP Authentication Prompt and http://www.piotrwalat.net/basic-http-authentication-in-asp-net-web-api-using-membership-provider/
来源:https://stackoverflow.com/questions/14365373/asp-net-mvc4-and-web-api-authentication-authorization-windows-8-and-web