问题
I found great article about client/server implementation via Self Host Web API http://www.asp.net/web-api/overview/older-versions/self-host-a-web-api
And I am wondering about the correct authentication method for this model (Self Host Web API ).
Have I use a bearer token authentication? Is there any other method?
Or for example http://www.asp.net/web-api/overview/security/individual-accounts-in-web-api
I have following working requirements:
C# http client must connect to Self Host Web API Windows Service and send files.
The connection must be secure 100%.
So how to protect WebAPI, any clue?
回答1:
Have you checked this answer?
ASP.NET Web API Self-Host with Windows Authentication
Looks like is working quite well with Windows Authentication.
BTW, Bearer it's probably more flexible, but it depends on your needs.
BTW(2): HTTPS is a must if you want to achive an high level of security, but 100% looks veeery high :)
来源:https://stackoverflow.com/questions/35751411/authenticate-http-net-client-against-self-host-web-api-windows-service