asp net core 3.1 angular windows 认证需要用户名和密码
[英]asp net core 3.1 angular windows authentication required username and password
问题描述
i'm using asp net core 3.1 with angular i want to combine windows authentication and JWT for canactivate in angular while routing and authorize the controller but always required windows username and password while i pass the token from interceptor to the controller 
i'm using asp net core 3.1 with angular i want to combine windows authentication and JWT for canactivate in angular while routing and authorize the controller but always required windows username and password while i pass the token from interceptor to the controller
request.clone({ headers: request.headers.set('Authorization', 'Bearer ' + user.token) });
my launchSettings.json change to below我的launchSettings.json 更改为以下
"windowsAuthentication": true,
"anonymousAuthentication": false,
add below code to the startup ConfigureServices将以下代码添加到启动 ConfigureServices
var appSettingsSection = Configuration.GetSection("AppSettings");
services.Configure<AppSettings>(appSettingsSection);
// configure jwt authentication
var appSettings = appSettingsSection.Get<AppSettings>();
var key = Encoding.ASCII.GetBytes(appSettings.Secret);
services.AddAuthentication(x =>
{
x.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
x.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
})
.AddJwtBearer(x =>
{
x.RequireHttpsMetadata = false;
x.SaveToken = true;
x.TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuerSigningKey = true,
IssuerSigningKey = new SymmetricSecurityKey(key),
ValidateIssuer = false,
ValidateAudience = false
};
});
add below code to the startup Configure将以下代码添加到启动配置
app.UseAuthentication();
app.UseAuthorization();
1 个解决方案
解决方案1
0 2020-08-14 06:24:30
You can hardly combine windows and jwt token authentication if you are hosting your application on IIS.如果您将应用程序托管在 IIS 上,则几乎无法将 windows 和 jwt 令牌身份验证结合起来。 Both JWT and Windows authentication utilize the Authorization header in Http Request Header, but IIS takes it over first, when your request is a JWT request, the Authorization header you sent is some like this Both JWT and Windows authentication utilize the Authorization header in Http Request Header, but IIS takes it over first, when your request is a JWT request, the Authorization header you sent is some like this
Authorization: Bearer {jwtcontent}
Then iis windows authentication module takes over your request and found it can not recognize your Authorization header, so it responses to your request with 401 and a Authorization header like this(Negotiate) Then iis windows authentication module takes over your request and found it can not recognize your Authorization header, so it responses to your request with 401 and a Authorization header like this(Negotiate)
Authorization: Negotiate YIIg8gYGKwY[...]hdN7Z6yDNBuU=
or (for NTLM)或(对于 NTLM)
Authorization: NTLM TlRMTVN[...]ADw==
Your browser receives this response and found server is looking for a windows credential so it pops up a windows asking you to type in your username and pwd您的浏览器收到此响应并发现服务器正在寻找 windows 凭据,因此它会弹出 windows 要求您输入用户名和密码
All of these are handled by IIS and Browser, it does not even goes to your application code.所有这些都由 IIS 和浏览器处理,它甚至不会进入您的应用程序代码。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.