IIS 网站使用本地主机,但不使用 IP 地址
[英]IIS website works with localhost, but not using an IP address
问题描述
I have an Angular frontend with a .NET framework backend, which has the following web.config file (nothing else about authorization/authentication):
我有一个 Angular 前端和一个 .NET 框架后端,它有以下web.config文件(没有关于授权/认证的其他内容):
<location path="Tokens">
<system.webServer>
<security>
<authentication>
<windowsAuthentication enabled="true" />
<anonymousAuthentication enabled="false" />
</authentication>
</security>
</system.webServer>
</location>
<system.webServer>
<security>
<authentication>
<windowsAuthentication enabled="false" />
<anonymousAuthentication enabled="true" />
</authentication>
</security>
</system.webServer>
I am using AD login, which is the Tokens controller, the rest is secured by JWT tokens.我正在使用 AD 登录,这是令牌Tokens由 JWT 令牌保护。
My current problem is, I wish to test the website with other computers in the domain using IIS and the website works if I use localhost , but as soon as I use my IP, errors start appearing.我目前的问题是,我希望使用 IIS 与域中的其他计算机一起测试该网站,如果我使用localhost ,该网站可以正常工作,但是一旦我使用我的 IP,错误就会开始出现。
My frontend configuration JSON:我的前端配置 JSON:
{
...
"apiAddress": "https://IP:50505/",
...
}
And the backend web.config also contains this:后端web.config也包含这个:
<add key="WhitelistedServerUrls" value="https://IP:34622" />
So if the IP in the config files is localhost , then everything works as it should, but if I exchange that for my actual IP, then I get CORS errors as shown in the image below:因此,如果配置文件中的 IP 是localhost ,那么一切正常,但如果我将其交换为实际的 IP,则会出现 CORS 错误,如下图所示:
None of these errors appear if I use localhost.如果我使用本地主机,这些错误都不会出现。 Below is the list of the things I've tried:以下是我尝试过的事情的列表:
- CORS should be correctly set up in the code, but just to make sure, I also configured it in the
HTTP Response Headersfeature in IISCORS 应该在代码中正确设置,但为了确保,我还在 IIS 的HTTP Response Headers功能中配置了它- this fixed CORS errors, but brought different errors, also signalr had an error that CORS origin is set up twice这修复了 CORS 错误,但带来了不同的错误,signalr 也有一个错误,即 CORS origin 被设置了两次
- this fixed CORS errors, but brought different errors, also signalr had an error that CORS origin is set up twice
- I also added the website
https://IPto local intr.net in settings我还在设置中将网站https://IP添加到本地 intr.net- prior to this, I was getting a login popup, doing this fixed it在此之前,我得到了一个登录弹出窗口,这样做修复了它
- prior to this, I was getting a login popup, doing this fixed it
- my bindings for both frontend and backend are https with a self-signed certificate我对前端和后端的绑定都是 https,带有自签名证书
- browser notifies, that the certificate is not valid浏览器通知,证书无效
- browser notifies, that the certificate is not valid
My guess is that my IIS is not configured correctly, as the website works if I use localhost instead of an IP address.我的猜测是我的 IIS 配置不正确,因为如果我使用localhost而不是 IP 地址,网站就可以正常工作。
1 个解决方案
解决方案1
0 2023-02-03 17:00:30
You enabled Windows authentication, so that when CORS preflight request (anonymous OPTION request) sent by the browser arrives on IIS, 401 is returned by IIS and triggers the errors you see.您启用了 Windows 身份验证,因此当浏览器发送的 CORS 预检请求(匿名 OPTION 请求)到达 IIS 时,IIS 返回 401 并触发您看到的错误。
You will have to use IIS CORS module to properly process such preflight requests,您将不得不使用 IIS CORS 模块来正确处理此类预检请求,
https://blogs.iis.net/iisteam/getting-started-with-the-iis-cors-module https://blogs.iis.net/iisteam/getting-started-with-the-iis-cors-module
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.