Firefox NTLM凭证到localhost
[英]Firefox NTLM Credentials to localhost
问题描述
I'm trying to setup a WebAPI web service and website that will operate on our company intranet. 
我正在尝试设置一个可在我们公司内部网上运行的WebAPI Web服务和网站。 I'm using IIS to host the webservice (A) as well as my website (B). 我正在使用IIS来托管web服务(A)以及我的网站(B)。 A page on my website makes a request to the web service thusly: 我网站上的一个页面因此向Web服务发出请求:
var URL = 'http://MachineName:80/AWebService/api/GetGuid';
var request = new XMLHttpRequest();
request.open("GET", URL, false);
request.withCredentials = "true";
request.send();
var response = request.responseText;
return response;
The WebService code looks like this: WebService代码如下所示:
[EnableCors(origins: "http://localhost", headers: "*", methods: "*")]
public class StoneSoupController : ApiController
{
[ActionName("GetGuid")]
public HttpResponseMessage GetGuid()
{
var indenty = this.User.Identity;
Guid g = Guid.NewGuid();
HttpResponseMessage msg = new HttpResponseMessage();
msg.Content = new StringContent(g.ToString());
msg.Headers.Add("Access-Control-Allow-Origin", "http://localhost"); //tried with and without this
msg.Headers.Add("Access-Control-Allow-Credentials", "true"); //tried with and without this
return msg;
}
}
If I set the Authentication mode in IIS for the web service to Anonymous Authentication then the web service returns the guid string as expected. 如果我将IIS中的身份验证模式设置为匿名身份验证,则Web服务将按预期返回guid字符串。 However I need to control which users are able to access certain methods on the webservice and want to use their windows credentials to do this. 但是,我需要控制哪些用户能够访问Web服务上的某些方法,并希望使用他们的Windows凭据来执行此操作。
My problem is that I can't seem to make Firefox send the windows credentials. 我的问题是我似乎无法让Firefox发送Windows凭据。 I've tried including http://localhost in network.automatic-ntlm-auth.trusted-uris in about-config in Firefox, but that doesn't seem to have any effect. 我尝试在Firefox的about-config中的network.automatic-ntlm-auth.trusted-uris中包含http://localhost ,但这似乎没有任何效果。
I've enabled logging in IIS and this is what it records for the request 我已经在IIS中启用了日志记录,这就是它为请求记录的内容
2013-08-01 21:36:05 136.203.40.232 GET /AWebService/api/GetGuid - 80 - 136.203.40.232 Mozilla/5.0+(Windows+NT+6.1;+WOW64;+rv:17.0)+Gecko/20100101+Firefox/17.0 200 0 0 965
As you can see there's no user id in the transaction. 正如您所看到的,交易中没有用户ID。
Can anyone help me with this? 谁能帮我这个?
2 个解决方案
解决方案1
1 2013-09-16 19:49:13
browser will ask or automatically send user credentials when response header has 浏览器会在响应标头出现时询问或自动发送用户凭据
WWW-Authenticate NTLM WWW-验证NTLM
step 2: 第2步:
you need to change authentication of your web api to windows and add authorize attribute to action or controller 您需要将Web api的身份验证更改为Windows,并将authorize属性添加到操作或控制器
Step 3: Firefox doesn't send credentials like IE sends. 第3步:Firefox不发送IE发送的凭据。 you need change firefox settings about:config set you application url to this variable network.automatic-ntlm-auth.trusted-uris 你需要更改firefox设置about:config将你的应用程序url设置为此变量network.automatic-ntlm-auth.trusted-uris
解决方案2
0 2013-12-04 13:07:25
In regards to your comment to Giridhar: 关于你对Giridhar的评论:
It might be that IIS does not have "HTTP keep-alive" enabled. 可能是IIS没有启用“HTTP keep-alive”。
To enable HTTP Keep-Alives
In IIS Manager, expand the local computer, expand the Web Sites folder, right-click the Web site, and click Properties.
On the Web Site tab, in the Connections section, click the Enable HTTP Keep-Alives check box.
Click Apply, and then click OK.
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.