在IIS中托管OWIN / Katana时如何获得WindowsPrincipal?
[英]How do I get the WindowsPrincipal when hosting OWIN/Katana inside IIS?
问题描述
I am attempting to run an OWIN/Katana application hosted by IIS with Windows Authentication, but no matter what I do, I only ever seem to get a GenericPrincipal which hasn't been authenticated, rather than the relevant WindowsPrincipal . 
我正在尝试使用Windows身份验证运行由IIS托管的OWIN / Katana应用程序,但是无论我做什么,我似乎只得到了未经身份验证的GenericPrincipal ,而不是相关的WindowsPrincipal 。
My Startup.cs : 我的Startup.cs :
public partial class Startup
{
public void Configuration(IAppBuilder app)
{
var config = new HttpConfiguration();
WebApiConfig.Register(config);
app.UseWebApi(config);
}
}
My controller: 我的控制器:
public class TestController : ApiController
{
[Authorize]
public string Get()
{
return "Test";
}
}
From having looked at the requests and debugging through the code, it appears as if the NTLM authentication happens successfully, but when it reaches WebAPI, the Principal is not authenticated, so it returns a 401, causing IIS to try doing Windows Authentication again. 通过查看请求并通过代码进行调试,看起来好像NTLM身份验证成功完成,但是当它到达WebAPI时,主体就没有经过身份验证,因此它返回401,导致IIS再次尝试执行Windows身份验证。
Web.config fragment: Web.config片段:
<system.web>
<authentication mode="Windows" />
<compilation debug="true" targetFramework="4.5" />
<httpRuntime targetFramework="4.5" />
Update 更新
It appears the WindowsPrincipal does make it into a dummy Middleware I added, but not into WebApi itself. 看起来WindowsPrincipal确实使它成为了我添加的虚拟中间件,但没有使其成为WebApi本身。 It looks like Katana is changing the principal at some point in the pipeline. 好像Katana正在管道中的某个时刻更改主体。
2 个解决方案
解决方案1
0 2015-04-22 14:15:09
Try to cast the object: 尝试投射对象:
using System.Security.Principal;
public ActionResult Get()
{
var identity = this.User.Identity as WindowsIdentity;
if (identity != null)
{
var data = new WindowsUserInformation {
Name = identity.Name,
AccountDomainSid = identity.User.AccountDomainSid.Value,
CreationDate = DateTime.UtcNow
};
Tell me if this line is giving you the correct identity and if the data is correct... if it is not, then u have some other problem during the authentication .... 告诉我此行是否为您提供正确的身份,以及数据是否正确……如果不正确,则在身份验证过程中您还有其他问题……。
解决方案2
0 2017-05-16 22:08:30
I had this problem, and in my case, it was due to a <authentication mode="None"/> sitting in the Web.config. 我遇到了这个问题,就我而言,这是由于Web.config中有一个<authentication mode="None"/>造成的。 After I removed that, everything worked great - OWIN returned a WindowsIdentity instead of a GenericIdentity. 删除该文件后,一切运行良好-OWIN返回了WindowsIdentity而不是GenericIdentity。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.