When I use Windows Authentication in my debug environment(IIS Express), I get the proper domain name. But when I push it to the production environment(IIS), I get no domain name at all. Am I missing something?
Reproduce my Issue:
I've created a new Web Project in VS2017 (15.7.6) with the React template and enabled Windows authentication by changing the launchSettings.json to:
"windowsAuthentication": true,
"anonymousAuthentication": false,
Now I changed the ConfigureServices
Method in Startup.cs
to this:
public void ConfigureServices(IServiceCollection services)
{
services.Configure<IISOptions>(options =>
{
options.AutomaticAuthentication = true;
});
services.AddAuthentication(IISDefaults.AuthenticationScheme);
var names = new[] { "peter", "joey" };
services.AddAuthorization(options =>
{
options.AddPolicy("OnlyEmployees", policy =>
{
policy.AddAuthenticationSchemes(IISDefaults.AuthenticationScheme);
policy.Requirements.Add(new CheckForEmployee(names));
});
});
services.AddSingleton<IAuthorizationHandler, CheckForEmployeeHandler>();
services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1);
// In production, the React files will be served from this directory
services.AddSpaStaticFiles(configuration =>
{
configuration.RootPath = "ClientApp/build";
});
}
I added 2 Files to the Project:
CheckForEmployee.cs
using Microsoft.AspNetCore.Authorization;
namespace WebServer_WindowsAuthentication
{
public class CheckForEmployee : IAuthorizationRequirement
{
public string[] Names { get; set; }
public CheckForEmployee(string[] names)
{
Names = names;
}
}
}
CheckForEmployeeHandler.cs
using System.Linq;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authorization;
namespace WebServer_WindowsAuthentication
{
public class CheckForEmployeeHandler : AuthorizationHandler<CheckForEmployee>
{
protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, CheckForEmployee requirement)
{
if (requirement.Names.Contains(context.User.Identity.Name))
{
context.Succeed(requirement);
}
return Task.CompletedTask;
}
}
}
Anyone facing a similar problem, make sure Windows Authentication is enabled on your IIS Service. This solved my problem.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.