.NET Core 中的 Windows 身份验证在 Chrome 中不显示提示

Question

I'm using Visual Studio Professional 2019 with Asp.Net Core 3.1 on Windows 10 Enterprise.我在 Windows 10 Enterprise 上使用带有 Asp.Net Core 3.1 的 Visual Studio Professional 2019。

I'm building a website that shows different views based on the Authentication of the user: if an user authenticates with his Active Directory credentials then he can see more things on the Webpages otherwise he can see basic info.我正在构建一个根据用户身份验证显示不同视图的网站：如果用户使用他的 Active Directory 凭据进行身份验证，那么他可以在网页上看到更多内容，否则他可以看到基本信息。

So I combined the use of the Windows Authentication and Anonymouse Authentication setting both to TRUE in the launchSetting.json :因此，我在launchSetting.json 中将Windows 身份验证和匿名身份验证设置的使用都设置为 TRUE：

{
  "iisSettings": {
    "windowsAuthentication": true,
    "anonymousAuthentication": true,
    "iisExpress": {
      "applicationUrl": "http://localhost:50548",
      "sslPort": 44312
    }
  },
  "profiles": {
    "IIS Express": {
      "commandName": "IISExpress",
      "launchBrowser": true,
      "environmentVariables": {
        "ASPNETCORE_ENVIRONMENT": "Development"
      }
    },
    "Name_Of_The_Project": {
      "commandName": "Project",
      "launchBrowser": true,
      "environmentVariables": {
        "ASPNETCORE_ENVIRONMENT": "Development"
      },
      "applicationUrl": "https://localhost:5001;http://localhost:5000"
    }
  }
}

In the controller I've created the Login method:在控制器中，我创建了 Login 方法：

// GET: /Config/Login
public IActionResult Login()
{
    Console.WriteLine("I'm in Login (GET)");

    Console.WriteLine("----------------------------------");
    return View();
}

It returns me this View (Login.cshtml):它返回给我这个视图（Login.cshtml）：

@if (User.Identity.IsAuthenticated)
{
    <h3>You are logged in</h3> 
}
else
{
    <h3>Please insert your Windows credentials to login</h3>
    <div>Click the link and a window will appear</div>
    <br />
    <a href="/Config/LoginWindows">Login</a>
}

I use "User.Identity.IsAuthenticated" in the Views to check if the user is already authenticated to show them the right info.我在视图中使用“User.Identity.IsAuthenticated”来检查用户是否已经过身份验证以向他们显示正确的信息。 So in this case if the user is not authenticated, a button will show up which gets handled by this method in the controller:因此，在这种情况下，如果用户未通过身份验证，则会显示一个按钮，该按钮将在控制器中由此方法处理：

[Authorize]
// GET: /Config/LoginWindows
public IActionResult LoginWindows()
{
    Console.WriteLine("I'm in LoginWindows (GET)");

    Console.WriteLine("----------------------------------");
    return RedirectToAction("Login");
}

Because it has the [Authorize] attribute, it triggers the Windows Authentication prompt where I have to put my credentials.因为它具有 [Authorize] 属性，所以它会触发 Windows 身份验证提示，我必须在其中输入我的凭据。 If they're correct, User.Identity.IsAuthenticated will be set to TRUE and then I can see all the right contents in the pages.如果它们是正确的，User.Identity.IsAuthenticated 将被设置为 TRUE，然后我可以在页面中看到所有正确的内容。

I tried configuring Startup.cs both for IIS Express and Kestel web servers and launching the website using both of them: In the options of the play button in Visual studio if I choose IIS Express will use the IIS Express proxy, if I choose Name_Of_The_Project Kestel will be used directly.我尝试为 IIS Express 和 Kestel Web 服务器配置Startup.cs并使用它们启动网站：在 Visual Studio 的播放按钮选项中，如果我选择 IIS Express 将使用 IIS Express 代理，如果我选择 Name_Of_The_Project Kestel将直接使用。

IIS Express IIS Express

public class Startup
{
    public Startup(IConfiguration configuration)
    {
        Configuration = configuration;
    }

    public IConfiguration Configuration { get; }

    // This method gets called by the runtime. Use this method to add services to the container.
    public void ConfigureServices(IServiceCollection services)
    {
        // IIS/IIS Express
        services.AddAuthentication(IISDefaults.AuthenticationScheme);

        services.AddControllersWithViews();
    }

    // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
    public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
    {
        if (env.IsDevelopment())
        {
            app.UseDeveloperExceptionPage();
        }
        else
        {
            app.UseExceptionHandler("/Home/Error");
            // The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
            app.UseHsts();
        }
        app.UseHttpsRedirection();
        app.UseStatusCodePagesWithReExecute("/Config/LoginFailed"); // first asks me the credentials then if it fails, i'm redirected to the other page
        app.UseStaticFiles();
        app.UseRouting();

        app.UseAuthorization();

        app.UseEndpoints(endpoints =>
        {
            endpoints.MapControllerRoute(
                name: "default",
                pattern: "{controller=Home}/{action=Index}/{id?}");
        });
    }
}

Kestel凯斯特尔

public class Startup
{
    public Startup(IConfiguration configuration)
    {
        Configuration = configuration;
    }

    public IConfiguration Configuration { get; }

    // This method gets called by the runtime. Use this method to add services to the container.
    public void ConfigureServices(IServiceCollection services)
    {

        // KESTREL
        services.AddAuthentication(NegotiateDefaults.AuthenticationScheme)
            .AddNegotiate();

        services.AddControllersWithViews();
    }

    // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
    public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
    {
        if (env.IsDevelopment())
        {
            app.UseDeveloperExceptionPage();
        }
        else
        {
            app.UseExceptionHandler("/Home/Error");
            // The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
            app.UseHsts();
        }
        app.UseHttpsRedirection();
        app.UseStatusCodePagesWithReExecute("/Config/LoginFailed"); // first asks me the credentials then if it fails, i'm redirected to the other page
        app.UseStaticFiles();
        app.UseRouting();

        app.UseAuthentication();
        app.UseAuthorization();

        app.UseEndpoints(endpoints =>
        {
            endpoints.MapControllerRoute(
                name: "default",
                pattern: "{controller=Home}/{action=Index}/{id?}");
        });
    }
}

The problem问题

My problem is that in both configurations only Microsoft Edge has the right behavior: I click the button in the login page, the prompt shows up, I put my credentials, the page reloads saying I'm logged in.我的问题是，在这两种配置中，只有 Microsoft Edge 具有正确的行为：我单击登录页面中的按钮，出现提示，我输入凭据，页面重新加载说我已登录。

In Google Chrome I click the button in the Login page and it automaticly authenticates me without showing any prompt.在 Google Chrome 中，我单击登录页面中的按钮，它会自动对我进行身份验证而不显示任何提示。 After some time when browsing through the website, User.Identity.IsAuthenticated returns to FALSE so I need to click the login button another time.浏览网站一段时间后，User.Identity.IsAuthenticated 返回 FALSE，因此我需要再次单击登录按钮。

In Firefox the prompt shows up but it doesn't accept my credentials so the prompt reloads everytime till the webpage shows me I don't have the Authorization to access.在 Firefox 中，提示出现但它不接受我的凭据，因此每次都会重新加载提示，直到网页显示我没有访问权限。

I've followed the Microsoft Docs:我遵循了 Microsoft Docs：

Configure Windows Authentication 配置 Windows 身份验证

Simple Authorization 简单授权

Answer 1

即互联网选项 > 安全 > 可信站点添加您的网站 url 示例： http://localhost:6000或http://foo.bar.web:7000

.NET Core 中的 Windows 身份验证在 Chrome 中不显示提示

问题描述

1 个解决方案

解决方案1
0 2020-03-06 12:05:59

.NET Core 中的 Windows 身份验证在 Chrome 中不显示提示

问题描述

1 个解决方案

解决方案1 0 2020-03-06 12:05:59

解决方案1
0 2020-03-06 12:05:59