开发者

Consume my REST API without getting token authenticated for my web application

I have a created a simple WCF REST service, and implemented token-based security. Only users belonging to a certain role can access my WCF REST service. The token is sent via Request-Header and is parsed in the BaseService.cs method of my REST project. Each user, in order to access the REST API, has to create his/her own token (if their role ha开发者_高级运维s the permission to access my REST API).

Since I have wrapped a considerable amount business logic in this REST WCF project, I would like to leverage this REST API in my ASP.NET web project too. But my ASP.NET project has no "token", so how can it consume the REST service? If I create a "special token" to indentify that its my Web application consuming the REST Service and by-pass the user token authentication system, then application users might hack and copy that token and consume the REST API.

Basically I want to know if its possible for my web application to consume my REST API without getting token authenticated, like using some internal Visual Studio reference or something else?

I know I can be on a completely different track here as I am a newbie in WCF. If you can share your thoughts here, it would help me go in the right direction.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜