IIS 6/ASP.NET Windows 身份验证清单?
[英]Checklist for IIS 6/ASP.NET Windows Authentication?
问题描述
I've been having trouble getting my ASP.NET application to automatically log users into the Intranet site I'm building.
我一直无法让我的 ASP.NET 应用程序自动将用户登录到我正在构建的 Intranet 站点。 No matter the googling or the experimentation I applied, there is always a login box displayed by IE7.无论是谷歌搜索还是我应用的实验,IE7 总是显示一个登录框。
I've got Windows authentication mode set in the Web.config, disabled anonymous access and configured the correct default domain in IIS, but it's still asking the user to log in and, more annoyingly, the user is required to provide the domain too ( DOMAIN\auser ), which is causing problems with non-technical visitors.我在 Web.config 中设置了 Windows 身份验证模式,禁用匿名访问并在 IIS 中配置正确的默认域,但它仍然要求用户登录域,太烦人了DOMAIN\auser ),这会导致非技术访问者出现问题。 Thank Zeus for password remembering functionality.感谢 Zeus 的密码记忆功能。
I'm not the network administrator so it's possible that something about Active Directory is set up incorrectly, or it could just be me missing something very simple.我不是网络管理员,因此有关 Active Directory 的某些内容可能设置不正确,或者可能只是我遗漏了一些非常简单的内容。 Please note that I don't want to impersonate the user, I just need to know that the IPrincipal.Name property matches that of a valid record in my user database, hence authenticating the user to my application.请注意,我不想模拟用户,我只需要知道 IPrincipal.Name 属性与我的用户数据库中的有效记录相匹配,从而验证用户对我的应用程序的身份。
To this end, it would be very useful to have a checklist of all configuration requirements for AD, ASP.NET and IIS to work together in this manner as a reference for debugging and hopefully reducing some user friction.为此,拥有一份包含 AD、ASP.NET 和 IIS 的所有配置要求的清单以这种方式协同工作作为调试参考并希望减少一些用户摩擦是非常有用的。
3 个解决方案
解决方案1
19 已采纳 2008-08-03 15:24:38
It sounds like you've covered all the server-side bases--maybe it's a client issue?听起来您已经涵盖了所有服务器端基础——也许这是一个客户端问题? I assume your users have integrated authentication enabled in IE7?我假设您的用户在 IE7 中启用了集成身份验证? (Tools -> Internet Options -> Advanced -> Security). (工具 -> Internet 选项 -> 高级 -> 安全)。 This is enabled by default.这是默认启用的。
Also, is your site correctly recognized by IE7 as being in the Local Intranet zone?另外,您的站点是否被 IE7 正确识别为在本地 Intranet 区域中? The IE7 default is to allow automatic logon only in that zone, so users would be prompted if IE thinks your site is on the internet. IE7 默认只允许在该区域自动登录,因此如果 IE 认为您的站点在 Internet 上,则会提示用户。 I believe using a hostname with a dot in it causes IE to place the site into the Internet zone.我相信使用带有点的主机名会导致 IE 将站点放入 Internet 区域。
解决方案2
1 2008-09-18 07:43:15
Open
Active Directory Users and ComputersMMC snap in打开Active Directory Users and ComputersMMC 管理单元Expand
computerssection fromTreeView(left side)从TreeView(左侧)展开computers部分Check if the computer is registered in your domain.
检查计算机是否已在您的域中注册。
Also, you have to login with a domain account on that computer, otherwise that authentication box will be shown.此外,您必须使用该计算机上的域帐户登录,否则将显示该身份验证框。
解决方案3
0 2008-08-05 18:01:12
In IIS, enable annonymous access and allow the web.config to handle user authentication.在 IIS 中,启用匿名访问并允许 web.config 处理用户身份验证。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.