Book Image

Mastering ServiceStack

By : Andreas Niedermair
Book Image

Mastering ServiceStack

By: Andreas Niedermair

Overview of this book

Table of Contents (13 chapters)

Authentication and authorization

These two terms are normally applied to sensible endpoints, where "authentication" is all about getting the information about which user executes a requests, and "authorization" checks if the authenticated user is allowed to request a resource.

Authentication providers

Based on your authentication method you can choose from the following available providers (all implementing the ServiceStack.Auth.IAuthProvider interface):

  • Basic providers: These providers depend on a registered ServiceStack.Auth.IAuthRepository implementation to ensure authentication:

    • ServiceStack.Auth.CredentialsProvider: You can obtain an authenticated session, by posting a username and a password (either via query string parameters or JSON payload) to /auth/credentials.

    • ServiceStack.Auth.BasicAuthProvider: Adding an HTTP header Authorization (according to RFC 1945 for HTTP 1.0 and 2617 for HTTP 1.1) to the request triggers the validation of the provided credentials to obtain an authenticated...