堆栈内存溢出
  简体   繁体   English

c# .net Web Api Windows 和匿名身份验证获取当前用户

[英]c# .net Web Api Windows and Anonymous Authentication get current user

 原文  2018-08-30 14:20:41       c#/ .net/ authentication/ iis/ asp.net-web-api

问题描述

I'm trying to get the local user, but I have no return.我试图获得本地用户,但我没有回报。

  • WebApi网络接口
  • IIS (10) Windows 10 IIS (10) 视窗 10

My IIS Enabled:我的 IIS 已启用:

  • Windows视窗
  • Basic基本的
  • Anonymous匿名的

Visual Studio 2017 C# .net 4.6.1 Visual Studio 2017 C# .net 4.6.1

I already tried to tag the web config:我已经尝试标记网络配置:

  <authorization>
  <allow users="?" />
</authorization>
AND
<identity impersonate="false" />
<authentication mode="Windows" />

Code WebApi代码 WebApi

 [HttpGet]
    [Authorize]//I already tried [AllowAnonymous]
    public User Get()
    {
        System.Net.NetworkCredential SystemCredential = (System.Net.NetworkCredential)ADUtil.SystemCredential();
        string login = HttpContextUtil.Request.LogonUserIdentity.Name;
error here, login return 'NT AUTHORITY\IUSR'.
}

2 个解决方案

解决方案1
 1  2018-08-30 14:53:15

You can't mix modes of Authentication within an application without getting in a mess.您不能在应用程序中混合身份验证模式而不会陷入混乱。 You have to pick one and stick to it.你必须选择一个并坚持下去。

The AllowAnonymous attribute let you access specific controllers without Authentication. AllowAnonymous属性让您无需身份验证即可访问特定控制器。 Whether they are authenticated or not depends on your method of Authentication.它们是否经过身份验证取决于您的身份验证方法。 It is usually used to access Login pages, but may also be used for areas of the site that you don't need to restrict access to.它通常用于访问登录页面,但也可用于不需要限制访问的站点区域。

Probably the easiest way is to disable everything except "Windows" in IIS可能最简单的方法是在 IIS 中禁用除“Windows”之外的所有内容

解决方案2
 0  2019-05-18 19:16:46

As mentioned here if you want to allow users to request anonymous and others with windows authentication, your best way is to present two different sub-paths for each AuthenticationScheme for example define a route for anonymous request like /anonymous/{controller}/{action} and one for windows authentication requests /windows/{controller}/{action} .正如这里提到的如果你想允许用户通过 Windows 身份验证请求匿名和其他人,你最好的方法是为每个AuthenticationScheme呈现两个不同的子路径,例如为匿名请求定义一个路由,如/anonymous/{controller}/{action} ,一个用于Windows认证请求/windows/{controller}/{action} Therefor you don't have to double implement the controller, but the drawback is that you have to run two connections for the same module.因此,您不必双重实现控制器,但缺点是您必须为同一个模块运行两个连接。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 具有Windows身份验证的C#Web API-获取具有可读组名的本地Windows用户组-无广告 - C# Web API with Windows Authentication - Get Local Windows Users Groups with readable group name- No AD ASP.NET Web界面的C#Windows身份验证 - c# windows authentication for a asp.net web interface 从 Twitter API 获取用户的电子邮件以进行外部登录身份验证 ASP.NET MVC C# - Get user's email from Twitter API for External Login Authentication ASP.NET MVC C# 在C#Web API上进行用户身份验证的最佳做法是什么? - What is the best practice for user authentication on a C# web api? 使用 C# ASP.NET Core Web API 进行谷歌身份验证 - Google authentication with C# ASP.NET Core Web API 如何在没有Graph API的C#Azure B2C身份验证中获取当前登录用户的用户名和电子邮件地址? - How to get current login user's username & email address in C# Azure B2C authentication without Graph API? 如何在C#Web APP中获取当前的Windows登录名? - How to get current Windows Login Name in C# Web APP? 如何在C#Web API同步和异步中获取Windows身份验证用户 - How to get Windows Authenticated user in C# Web API sync and async ASP.NET Windows身份验证+服务器始终获取匿名用户 - ASP.NET Windows Authentication + server always getting anonymous user 使用C#获取当前用户的Windows资源管理器字体大小 - Get windows explorer font size of current user using C#
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM