如何在C#中创建有效的基本身份验证
[英]How to create working Basic Authentication in C#
问题描述
I used this tutorial to create a basic authentication for my website: 
我使用本教程为我的网站创建了基本身份验证:
http://msdn.microsoft.com/en-us/data/gg192997.aspx http://msdn.microsoft.com/en-us/data/gg192997.aspx
I modified the password to admin, however, when I try to access the website in any browser, it always prompts for username and password but never accepts it. 我将密码修改为admin,但是,当我尝试在任何浏览器中访问该网站时,该密码始终提示输入用户名和密码,但从不接受。 If I change the code to return true on 如果我更改代码以在返回true
public static bool Authenticate(HttpContext context)
It doesn't change anything. 它没有任何改变。 What else should I set? 我还应该设置什么?
1 个解决方案
解决方案1
1
Make sure that all authentication settings in IIS (for the specific site) are disabled and only Basic Authentication is enabled. 确保禁用IIS(针对特定站点)中的所有身份验证设置,并且仅启用基本身份验证。 Browsers are expected to request a user and password that are always acceptable when they are valid. 浏览器应要求用户和密码在有效时始终可接受。 Sometimes restarting a site and its relative application pool may also help (especially in older versions of windows). 有时重新启动站点及其相关的应用程序池也可能会有所帮助(尤其是在Windows的旧版本中)。
Have in mind that basic authentication is not safe as it passes credentials via a request header in base64 encoding. 请记住,基本身份验证是不安全的,因为它通过base64编码的请求标头传递凭据。 A good idea is to use ssl - you can get a free one from startssl.com for a live site, or create a self signed one from iis for dev perposes. 一个好主意是使用ssl-您可以从startssl.com免费获得一个真实站点,也可以从iis创建一个自签名的站点以进行开发。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.