내보내기(0) 인쇄
모두 확장
이 항목은 아직 평가되지 않았습니다.- 이 항목 평가

Select an Authentication Protocol

업데이트 날짜: 2014년 2월

 

DataMarket 로고

Create and application and market it to a wide and growing consumer base on the 마켓플레이스. Whether or not your application consumes 마켓플레이스 data, you can be a member of the community that leverages the 마켓플레이스 to sell your applications. The 마켓플레이스 does the provisioning and billing, leaving you to reap the rewards. If your application consumes 마켓플레이스 data, the user must be authenticated and authorized to access the datasets.

The WAM(Windows Azure 마켓플레이스) supports two authentication protocols, HTTP Basic Authentication and OAuth. Deciding which protocol to use is a matter of determining who uses your application and how it is used.

Select anNP Authentication Protocol

Both HTTP Basic Authentication and OAuth authentication are able authenticate a user and, as appropriate, either grant or deny access to a protected resource.

If you answer these questions for your application, you can determine which is better to use:

  • Will I sell this application on the 마켓플레이스?

  • Will the user access one or more 마켓플레이스 datasets?

If you answered “Yes” to either or both of these questions, OAuth is the required authentication protocol.

HTTP Basic Authentication

The 마켓플레이스 implementation of HTTP Basic Authentication ignores the user id and only requires that a valid secret account key as a password. You can ignore the user id, or if you want to manage usage and billing on your own, you can use it to identify specific users. If your application uses HTTP Basic Authentication protocol to access the 마켓플레이스:

  • All access is through a single account.

  • All users share and use a single password (the 마켓플레이스 account key).
    Whether the account key is included in the code or entered by the user, the account key less private and secret. Thus it can introduce vulnerabilities to abuse.

  • The 마켓플레이스 bills all access to a single account – the owner of the account key – probably you.

  • Removing access for one user (by changing the account key) removes access for all users.

  • Only datasets subscribed to by the account key owner are available to users.

  • If you want individual users to pay for their usage you must manage their individual use and bill them.

See Implement HTTP Basic Auth in your Marketplace App.

OAuth

The 마켓플레이스 implementation of OAuth leverages the user’s Windows Live ID and password and the application’s registration key (client_id) to authenticate and grant access to datasets. Using OAuth provides some additional security benefits, such as the ability to authenticate the client and user and issue an access token directly to the client without potentially exposing it to others, including the resource owner.

If your application uses the OAuth protocol to access the 마켓플레이스:

  • The application must be registered with the 마켓플레이스.

  • Each user must have a Windows Live ID.

  • All access is through the user’s individual account.

  • Billing is to the individual user’s account.

  • Removing access for one user does not affect any other user.

  • Any dataset subscribed to by the user is accessible (if the application supports this scenario).

  • The 마켓플레이스 manages the user’s account and billing.

See Implement OAuth in your Marketplace App.

Given the above it is reasonable to ask, “Why would anyone use HTTP Basic Authentication?” There are two reasons: 1) the code required to implement HTTP Basic Authentication is shorter and simpler than the code to implement OAuth, and 2) if you are the only one that is going to use the application, you don’t need the flexibility and complexity of OAuth.

참고 항목

이 정보가 도움이 되었습니까?
(1500자 남음)
의견을 주셔서 감사합니다.

커뮤니티 추가 항목

추가
표시:
© 2014 Microsoft. All rights reserved.