[英]Windows Integrated Authentication not working on first page load
I have an ASP.NET MVC4 website deployed on IIS with Windows Authentication enabled. 我有一个启用Windows身份验证的IIS上部署的ASP.NET MVC4网站。 My config file has this setting:
我的配置文件具有以下设置:
<authentication mode="Windows" />
<authorization>
<deny users="?" />
</authorization>
My understanding is that this will allow me to authenticate without having to type in credentials; 我的理解是,这将使我无需输入凭据即可进行身份验证; ie an intranet site.
即一个Intranet站点。
This works as intended, except for the first page load. 除第一页加载外,这按预期工作。 When I first access the website, I am directed to the following URL:
首次访问该网站时,将定向到以下URL:
http://localhost/SandboxWebsite/login.aspx?ReturnUrl=%2fSandboxWebsite
HTTP://localhost/SandboxWebsite/login.aspx RETURNURL =%2fSandboxWebsite
This is obviously a page that asks for credentials. 显然,这是一个要求提供凭据的页面。 When I then navigate again to
http://localhost/SandboxWebsite/
, I am automatically authenticated without having to enter any credentials. 然后,当我再次导航到
http://localhost/SandboxWebsite/
,无需输入任何凭据即可自动进行身份验证。
Why is this occurring and how can I prevent it? 为什么会发生这种情况,我该如何预防呢?
The problem was that, whilst anonymous access was disabled as a setting, there was no authorisation rule to deny anonymous users. 问题在于,尽管禁用了匿名访问作为设置,但没有拒绝匿名用户的授权规则 。 Why this redirected me to Login.aspx I do not know, but I fixed it by adding the following rules.
为什么这会将我重定向到我不知道的Login.aspx,但是我通过添加以下规则对其进行了修复。
IIS > MyWebsite > .NET Authorization Rules IIS> MyWebsite> .NET授权规则
John, 约翰,
this is a long shot but have you tried using an address other than LocalHost to access the site ? 这是一个长镜头,但是您是否尝试过使用LocalHost以外的地址来访问该站点? It may be that your ASP.NET MVC4 website is expecting a specific domain name/computer name or IP address because of the way it was setup.
您的ASP.NET MVC4网站可能由于其设置方式而期望使用特定的域名/计算机名称或IP地址。
You could alter your hosts file to test this out. 您可以更改主机文件以进行测试。
Hope this helps. 希望这可以帮助。 Dorje
多吉
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.