So I have a ASP.NET site that use Windows Authenication that only does one thing:
protected void Page_Load(object sender, EventArgs e)
{
somelabel.Text = HttpContext.Current.User.Identity.IsAuthenticated.ToString();
return;
}
Unfortunately it is always false for some reason. Here is my web.config
<configuration>
<system.web>
<compilation debug="true" targetFramework="4.0"/>
<authentication mode="Windows"/>
<authorization>
<allow users="*"/>
</authorization>
<customErrors mode="Off"/>
<pages controlRenderingCompatibilityVersion="3.5" clientIDMode="AutoID"/>
</system.web>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true"/>
</system.webServer>
</configuration>
I deployed it on my Windows 7 running IIS 7.5.
Change the authorization section to:
<authorization>
<deny users="?"/>
</authorization>
I think that by saying allow users="*"
you are allowing every body access.
See this post by Scott Guthrie
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.