Hi, now we don't talk about Passport for the time being.
Mood
2002.02.16
Article Type: in-depth
Difficult Level: 6/9
Version: 1.27
After I wrote the Passport, I found my own mistake, starting from the beginning. Maybe I just want to express my beautiful vanity after I want to express my love and contact. I would definitely deliberately ignoring other factors when I am intoxicated at the time. Otherwise when the plan is officially starting to use it, it will not find that it suddenly has some uncertainty, even if it is retired to the machine, it can't work, and then do it more and go to the document and think about it. I started somewhat embarrassing, because I found that the document is almost useless, this will be a name is not actually expressed, so for a technician, this feeling is painful, and it will be a lesson for him. .
However, the importance of Passport is not less than its complexity and cumbersome, which cannot predict how Microsoft will improve the uncertainty "harsh note" caused by this long-distance centralized verification, but in the future, the system and application can be seen in the future. , Avoid passing Passport, which means you have to take more risks in the MS platform in the future. So for "Do you need to touch Passport?", "Do you need to learn from PASSPORT?" The answer to this question should be a cautious "should", and give up the attitude of abandonment will be a good start. We can wait for a 3.0 version of Passport in contact with learning, but there is no better demo, there is no time to have a Help documentation, now we don't talk about MS for the time being. It is still complicated to exceed our understanding, we can only try and understand a little bit, do things that we can do. Finally, I welcome this fragile and psychedelic world, it is still full of loss and expectation.
The following will be an implementation of Passport (I guess a smallest framework), its original Nathan Smith (Nathan_y_smith@hotmail.com) Demonstration a DOTNET β2 version, I have made some small changes (no Less improvements, but the main frame is non-moving), and add a simple test front end. After I upgrade to DOTNET 1.0, I retest it, so the environment it needs may be:
Windows 2000 Server, MS SQL 2000 SP2 (Chinese or English), DOTNET SDK 1.0, VS.NET RTM, IIS 5.0 SP, IE6 2813
data structure:
Design two databases: PassportsVR, PassportClient
PassportsVR:
PassportClient:
There is also a stored procedure that implements the core function below:
Sp_registeruser
sp_setuserinfo
Sp_setuserpassword
Sp_setuserStatus
SP_PURGEUSER
sp_setuserhomeservice
Sp_validateuser
sp_registerService
Sp_setserviceinfo
Sp_setServicePassword
SP_setServiceStatus
SP_PURGESERVICE
sp_validateservice
Application implementation:
Based on the above data structure, two Web Services, a management interface as a whole, one is provided to the Client Services interface to which the end user is used.
It is only 7 functions that ultimately provide to the user. Of course, you can test the registerService function when you debug Services WebServices, which will create a Services, write down Services_name and Services_Password, and implement the global webservice of Client. There is this application: protected void application_start (Object Sender, Eventargs E)
{
DataManager.initManager ();
Passport PPSVC = New Passport ();
Appnticket = PPSVC.AuthenticateService ("Passport", "Passport");
PPSVC = NULL;
}
There is a security mechanism similar to the Passport, which is a use of AuthenticationalTicket, which is a token, which is a token, which is a token, which is a token, which is a TOKEN.
Ticket Structure
Public Class AuthenticationTicket
{
Public AuthenticationTicket ()
{
}
Public int token;
Public int ign;
Public Double ExpirationDATEDATEDATED;
Public Double Issuedate;
Public String Nickname;
Public string firstname;
Public String lastname;
}
Token Generation Routine
Static Private Int GenerationToken (int systemid, string nickname,
INT PasswordHash, Double Issuedate, Double ExpirationDate
{
Int RTN; // Our Return Value
String s_token; // string concatenation of the objects
// Concatenate All of Our Values Together.
// Note the use of hasening the password and the ID, this
// * SHOULD * HELP Reduce The Probability of Attack
s_token = systemid.gethashcode (). TSTRING ()
Nickname PasswordHash.gethashcode (). Tostring ()
Issuedate.tostring () expirationdate.toString ();
// Get the hash of the concatenchion and return it
RTN = s_token.gethashcode ();
Return RTN;
}
It is better to solve the main problem, and the implementation of the rear is solved, the following is the functional function of two web services exposures.
Public AuthenticationalTicket AuthenticateService
Public AuthenticationalTicket AuthenticateUser
Public AuthenticationticKet CreateAccount
Public int distribleaccount
Public int enableaccountpublic int purgeaccount
Public int setAccounthome
Public int setAccountinfo
Public int setAccountpassword
Public int setServiceInfo
Public Int setServicePassword
Public int registerService
Public Bool ValidateServentickenTicket
Public Bool ValidateUserticket
It is very simple to see the interface with the true client. (This is another good highlight) If everything is OK, then you click RegisterCunt, enter the required data, if it returns the following result:
The rest of the work I think is packaged, use an ASP.NET web form to test and use it.
in conclusion:
This will be an implementation of a possible Passport, of course not all, but if it is not necessary to use it in formal applications, you can strengthen and derive from the following suggestions:
1. The architecture uses the latest web services, perhaps the original author likes Web Services too much, so it may be too much, then the most likely is in this example you can see the incomplete phenomenon of Web Services transaction, when one When WE calls, sometimes we will find that there is data in a database.
2. The XML feature of SQL 2000 is used when constructing, although the convenient characteristics of SQL 2000 are demonstrated (Nathan Smith is a MCSD Haha), which means that some kind of non-ventilation is meant to use Oracle, IBM database. Some of the code must be re-considered and written.
3. As a core functional part of an application, the current Web Services architecture is too thin and loose, and must consider the implementation of Window Services and thread pools to improve performance, and make a adjustment to the program's architecture.
4. Database design is not complete, need to be refined and re-designed, add tables. Remember that it is just a Demo
5. Nathan Smith puts the database's connection in GoalX's file, seems to save the establishment of Connection (of course this is a little bad but labor-saving), found that it is not necessary to establish a second database connection in my testing, in Without the implementation of its affairs guarantees, it is often the main reason for the incomplete data (I have moved all database connections to the function), so depending on the need to add a reliable DAL layer.
Since Microsoft purchased Passport from Firefly Network from Firefly Network, Passport is constantly developing in the number of users and functions, and the 1.4 version shows two large features: Single Sign In (SSI) and Express Purchase (EP). 2.0 version mainly Provide a complete COM interface (very similar to Wininet API), an embedded interface (Embedded Passport UI), more importantly, to the Kerberos-based Authentication. It can be foreseen that of the next 2.1 or 3.0 version, which enhances the support of IE6, P3P, and WAP, HDML, Microsoft Mobile Explorer, PocketPC, more importantly, support based on XML information processing (current PASSPORT system In the structure, the Client, Participating Website and Microsoft Passport Server is like a triangle, and the Websit and Passport Server are not directly communicating when SSI or EP, but to deliver information with the client using the HTTP query string and http redirect. All needs to be stored. Data such as login status, user profile is dependent on the user-end cookie), Passport will become a key service for HailStorm, then the support for XML is necessary, and the integration of functionality between the current HailStorm service will also be large. Challenge, Passport's biggest opportunity is not to launch its DOTNET version, and how it becomes a centralized verification, but also provides a framework for personalized service, which will also be a whole HailStorm (.NET My Services) service A precursor of the charge angle. Regardless of how the outside world comments or how to fight for the free league, "Today's Passport is not equal to Tomorrow's Passport" (Li Kai Fu), the future is not always a bright and even a smooth sailing. "When our road is to a dark forest, how difficult is to pursue when the road is set. The road is set, and the return does not seem to be. Life is our contract, except for the Supreme Court, no one can revoke it. ", Passport is also the same: the battle requires more artillery fire, the times have already been filled with revolution, and better alive is its most transcendence.
Related File Download: [Project for RTM] [Passportold] [PASSPORTOLD]
especially:
The above software and procedures have indicated that the sources and owners, respect copyright and their own terms.
Thanks 9CBS to provide space for downloading files and pictures.
This article 9CBS signature start, reprint, or adaptation, please indicate the author and the source. If there is a problem, please send an email to new2001@msn.com
The above text and pictures involve other people's privacy and personal rights, all texts and pictures are only used for internal communication and do not make any news published and commercial purposes.
