[英]how can authenticate a client on a different machine on a WebAPI with a user from WebAPI's domain?
I have an ASP.NET Web Api 2.2 with Windows Authentication enabled. 我有一个启用Windows身份验证的ASP.NET Web Api 2.2。
And also, I have a client with .NET Framework 4.0 to connect to this WebAPI: 而且,我有一个具有.NET Framework 4.0的客户端来连接到此WebAPI:
HttpClientHandler handler = new HttpClientHandler()
{
UseDefaultCredentials = true
};
// Llamar al servicio web para obtener los códigos.
using (var client = new HttpClient(handler))
{
}
But the client will run in a computer that it isn't on the same domain than the web api. 但是客户端将在与Web API不在同一域中的计算机上运行。
Is UseDefaultCredentials = true
enought or do I have to pass user, password and domain to the web service? UseDefaultCredentials = true
足够?还是我必须将用户,密码和域传递给Web服务?
IIS is going to try and authenticate the HTTP request coming in using Windows Authentication and it's going to fail because the box is on a different domain. IIS将尝试使用Windows身份验证来验证传入的HTTP请求,但由于该框位于其他域中而将失败。 None of your server side code is going to execute.
您的服务器端代码都不会执行。 Take a look at the HTTP request/response flow in Fiddler or a browsers developer tools to understand the process of Windows Authentication better.
查看Fiddler或浏览器开发人员工具中的HTTP请求/响应流,以更好地了解Windows身份验证的过程。
You could create a page on the server with anonymous access enabled which could run some authentication code but you'd need to consider how you're going to send the username and password over securely... 您可以在启用了匿名访问的服务器上创建一个页面,该页面可以运行一些身份验证代码,但是您需要考虑如何安全地发送用户名和密码...
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.