[英]ASP.NET Impersonate in .NETFramework 2 VS .NETFrameWork 4
We have an ASP.NET Site in .NetFramework 2 (with App Pool 2 Classic in IIS 7.5), We use mixed Authentication with Basic Authenticate
and Form Authenticate
. 我们在.NetFramework 2中拥有一个ASP.NET站点(在IIS 7.5中具有App Pool 2 Classic),我们将混合身份验证与
Basic Authenticate
和Form Authenticate
。
The Configuration in IIS is: IIS中的配置为:
And have specific user in Anonymous Authentication named: Guest
. 并在匿名身份验证中有一个特定的用户:
Guest
。
When The user Login with another username like Admin
we use impersonate: 当用户使用其他用户名(如
Admin
登录时,我们使用模拟:
string Token = GetSpecificTokenOfCurrentUser();
System.Security.Principal.WindowsIdentity WinUser = (WindowsIdentity) HttpContext.Current.Application["User_"+Token];
WinUser.Impersonate();
So every thing is perfect until we upgrade website to .NetFramework 4 and add a lot of features in .NET 4 to website, and we figured we have a new Problem. 因此,每件事都是完美的,直到我们将网站升级到.NetFramework 4并向网站中添加.NET 4的许多功能,然后我们才发现我们有一个新的问题。
The problem is the user login with Admin
And open some pages (3-4) all together in same time, like quickly opened in new tab, the User Not impersonated in some cases. 问题是用户使用
Admin
登录并同时打开所有页面(3-4),就像在新标签页中快速打开一样,在某些情况下,该用户未被模拟。 Like the first page impersonated correctly to Admin
but another pages not impersonated and still have Guest
User. 就像第一页正确地模拟为
Admin
而其他页面未模拟而仍然具有Guest
用户。
This is so weird, we don't have any changes in Authentication Part. 这太奇怪了,我们在身份验证部分没有任何更改。 the changes is we upgrade to .NetFrameWork 4 and App Pool is .NetFrameWork 4 - Classic.
所做的更改是我们升级到.NetFrameWork 4,而应用程序池是.NetFrameWork 4-经典版。
We have a test in .Net 2 Version Of Website. 我们在.Net 2版本的网站中进行了测试。 every thing is OK, but we change the App Pool to .NetFrameWork 4 and the problem was shown.
一切正常,但是我们将应用程序池更改为.NetFrameWork 4,并显示了问题。
So The question is what changes happened in .NetFramework 4 App Pool to Impersonate? 所以问题是,要假冒.NetFramework 4应用程序池中发生了什么变化?
Is there any thing we missed? 有什么我们想念的吗? any suggestion?
有什么建议吗?
I found Some points: 我发现了几点:
1- The Multi-Request behaves like Parallel processing, and as you know in classic mode we have some limitations with parallelism. 1-多请求的行为类似于并行处理,并且您知道在经典模式下,并行性有一些限制。
2- In Integrated mode we have some limitations in Impersonate
Enable. 2-在集成模式下,
Impersonate
启用存在一些限制。 The default behavior of Enable Impersonate is 500.24 Error: Internal Server Error An ASP.NET setting has been detected that does not apply in Integrated managed pipeline mode"
if we want enable impersonate we need to add <validation validateIntegratedModeConfiguration="false"/>
to <system.webServer>
in web.config, So we don't get the error, but steel we have another limitation. The impersonate commands not worked in Begin_Request
And in AuthenticateRequest
Methods, anything else worked perfectly. 启用模拟的默认行为是500.24错误:
Internal Server Error An ASP.NET setting has been detected that does not apply in Integrated managed pipeline mode"
如果要启用模拟,我们需要向其中添加<validation validateIntegratedModeConfiguration="false"/>
web.config中的<system.webServer>
,所以我们没有得到错误,但是还有一个局限性:模拟命令在Begin_Request
和AuthenticateRequest
方法中Begin_Request
,其他任何事情都可以正常工作。
The Breaking Changes for ASP.NET 2.0 applications running in Integrated mode on IIS 7.0 is very good article in this case. 在这种情况下,在IIS 7.0上以集成模式运行的ASP.NET 2.0应用程序的重大更改是非常好的文章。
So the solution is 所以解决方案是
Move to Integrated mode (Need Add tag) And Use Impersonate in any other methods instead of Begin_Request
or AuthenticateRequest
. 转到集成模式(需要添加标记),然后在其他任何方法中使用模仿来代替
Begin_Request
或AuthenticateRequest
。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.