HTTPS是出于安全原因要求对用户进行身份验证的。
HTTPS是出于安全原因要求对用户进行身份验证的。
我正在为使用asp.net mvc4中的webapi服务编写验证用户的服务。当用户使用移动应用程序登录时,需要进行身份验证,并且我已经在这里编写了加密和解密的代码,参考了以下文章:《跨平台身份验证与ASP.NET Web API》。错误信息是:“由于安全原因,需要使用HTTPS。”在浏览器或fiddler中检查时,显示相同的错误。以下是显示的错误信息:
在注册方法中,我创建了一个TokenInspector实例,并设置了InnerHandler为HttpControllerDispatcher(config)。然后配置了两个路由,一个用于身份验证,一个用于默认的api路由。同时,还添加了一个HTTPSGuard的消息处理程序。
HTTPS is required for security reasons to authenticate users. The error message "Certificate 'CN=WebAPI-Token' not found" indicates that a certificate is missing. To solve this issue, the following steps can be taken:
1. Use HTTPS instead of HTTP to access the API. For example: https://localhost:port/api/values.
2. Generate a self-signed certificate or use a real one if available. This can be done by following the steps outlined in this Stack Overflow post.
3. Attach the certificate to the host, whether it is IIS or self-hosting. The process may vary depending on the hosting method.
4. If HTTPS is not required, remove the HTTPSGuard message handler from the code and the corresponding line in the Register function.
It is possible to host the code in IIS and the certification should still work as long as the certificate is entered in the IIS settings. The makecert tool can be used to generate the certificate.
For encryption, further assistance can be found in this Stack Overflow post.