[英]OWIN/Katana WebAPI using Windows Authentication keeps asking for login/password
I have an OWIN/Katana WebAPI that is using Windows Authentication. 我有一个使用Windows身份验证的OWIN / Katana WebAPI。 When I run it locally, it's able to take in my windows credentials.
当我在本地运行它时,它可以接收我的Windows凭据。 However, when I deploy the WebAPI to a server/cluster, it keeps prompting me for my login and password.
但是,当我将WebAPI部署到服务器/群集时,它会一直提示我输入我的登录名和密码。
I currently have the following in the Startup.cs: 我目前在Startup.cs中有以下内容:
//Set up integrated windows authentication.
HttpListener listener = (HttpListener)appBuilder.Properties["System.Net.HttpListener"];
listener.AuthenticationSchemes = AuthenticationSchemes.IntegratedWindowsAuthentication;
I even tried this as well: 我甚至试过这个:
HttpListener listener = (HttpListener)appBuilder.Properties["System.Net.HttpListener"];
listener.AuthenticationSchemes = AuthenticationSchemes.Negotiate;
In Fiddler, I was able to hit my API (on the server) by Enabling Authentication. 在Fiddler中,我能够通过启用身份验证来访问我的API(在服务器上)。 But if I consume the API from another application, it automatically comes back with a 401 Unauthorized.
但是如果我从另一个应用程序中使用API,它会自动返回401 Unauthorized。 Why is it still prompting a manual login even when I specifically made it Windows Authentication?
为什么即使我专门进行Windows身份验证,它仍然会提示手动登录?
I've been following these articles: 我一直在关注这些文章:
http://www.sbrickey.com/Tech/Blog/Post/AllowAnonymous_for_OWIN_Katana_self_hosted_WebAPIs_using_Kerberos http://www.sbrickey.com/Tech/Blog/Post/AllowAnonymous_for_OWIN_Katana_self_hosted_WebAPIs_using_Kerberos
https://blogs.msdn.microsoft.com/chiranth/2013/09/20/ntlm-want-to-know-how-it-works/ https://blogs.msdn.microsoft.com/chiranth/2013/09/20/ntlm-want-to-know-how-it-works/
https://docs.microsoft.com/en-us/aspnet/aspnet/overview/owin-and-katana/enabling-windows-authentication-in-katana https://docs.microsoft.com/en-us/aspnet/aspnet/overview/owin-and-katana/enabling-windows-authentication-in-katana
I found out why my web client is failing (thanks to @LexLi). 我发现了为什么我的Web客户端失败了(感谢@LexLi)。 I thought the issue was in my API but it turns out that I wasn't even sending my user credentials from the client.
我认为问题出在我的API中,但事实证明我甚至没有从客户端发送我的用户凭据。 I added the user credentials into the HttpHandler for my HttpClient and it worked.
我将用户凭据添加到我的HttpClient的HttpHandler中,并且它有效。
new HttpClient(new HttpClientHandler() { UseDefaultCredentials = true })
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.