[英]My web application is rejecting Windows authentication for a local Windows account
My issue is that my service only lets my own Windows account connect to it, but I would like to allow connections from any valid Windows domain accounts. 我的问题是我的服务仅允许我自己的Windows帐户连接到它,但是我想允许来自任何有效Windows域帐户的连接。 My service is hosted in IIS Express.
我的服务托管在IIS Express中。 When I browse to
https://localhost:44300/FileRetrievalService.svc/get
in Google Chrome, I see my [WebGet]
method is called just fine. 当我在Google Chrome浏览器中浏览到
https://localhost:44300/FileRetrievalService.svc/get
时,我看到了[WebGet]
方法就可以了。 When I try to create a web request to it, it also works, as long as I specify my own Windows user account: 当我尝试为其创建Web请求时,只要指定了自己的Windows用户帐户,该请求也将起作用:
WebRequest request = WebRequest.Create(url);
request.Method = "GET";
request.Headers.Add("Path", filePath);
request.Credentials = new NetworkCredential("username", "password", "localhost");
return request.GetResponse();
When I try specifying a different local Windows account on my machine to authenticate a user against my service by changing "username"
and "password"
in the above code to another account which I know for sure exists on my machine, I get the following error: 当我尝试在计算机上指定其他本地Windows帐户以通过将上述代码中的
"username"
和"password"
更改为我确定在计算机上确实存在的另一个帐户来针对我的服务对用户进行身份验证时,出现以下错误:
System.Net.WebException: The remote server returned an error: (401) Unauthorized.
System.Net.WebException:远程服务器返回错误:(401)未经授权。
I have the following in my service's Web.config
: 我在服务的
Web.config
具有以下内容:
<?xml version="1.0"?>
<configuration>
<appSettings>
<add key="aspnet:UseTaskFriendlySynchronizationContext" value="true" />
</appSettings>
<system.web>
<compilation debug="true" targetFramework="4.5" />
<httpRuntime targetFramework="4.5"/>
</system.web>
<system.serviceModel>
<bindings>
<webHttpBinding>
<binding name="webHttpBindingWithTransportSecurity">
<security mode="Transport">
<transport clientCredentialType="Windows"/>
</security>
</binding>
</webHttpBinding>
</bindings>
<services>
<service name="FileRetrievalPoCV3.FileRetrievalService">
<endpoint behaviorConfiguration="webBehavior" binding="webHttpBinding" bindingConfiguration="webHttpBindingWithTransportSecurity" contract="FileRetrievalPoCV3.IFileRetrieval" />
</service>
</services>
<behaviors>
<endpointBehaviors>
<behavior name="webBehavior">
<webHttp />
</behavior>
</endpointBehaviors>
</behaviors>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
</system.serviceModel>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true"/>
<directoryBrowse enabled="false"/>
</system.webServer>
</configuration>
What is the cause of this issue? 此问题的原因是什么?
I'm going to guess your account has admin priveleges, and the other account does not. 我猜您的帐户具有管理员权限,而另一个帐户则没有。 If that's the case, you need to explicitly give permissions to your project folder (ie using Windows Explorer) or assign that user to a group that already has permission.
在这种情况下,您需要显式授予项目文件夹的权限(即使用Windows资源管理器)或将该用户分配给已经具有权限的组。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.