[英]No authenticationScheme was specified, and there was no DefaultChallengeScheme found - ASP.NET core 2.1
[英]ASP.NET Core 2.0 HttpSys Windows Authentication fails with Authorize attribute (InvalidOperationException: No authenticationScheme was specified)
我正在尝试将 ASP.NET Core 1.1 应用程序迁移到 ASP.NET Core 2.0。
该应用程序相当简单,涉及以下内容:
options.Authentication.Schemes = AuthenticationSchemes.NTLM
options.Authentication.AllowAnonymous = true
(因为有些控制器不需要认证)[Authorize]
属性修饰。该项目编译并启动得很好。 它还为不需要身份验证的控制器提供服务。
但是,一旦我使用[Authorize]
属性点击控制器,就会出现以下异常:
System.InvalidOperationException: No authenticationScheme was specified,
and there was no DefaultChallengeScheme found.
at Microsoft.AspNetCore.Authentication.AuthenticationService.<ChallengeAsync>d__11.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.AspNetCore.Mvc.ChallengeResult.<ExecuteResultAsync>d__14.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.AspNetCore.Mvc.Internal.ResourceInvoker.<InvokeResultAsync>d__19.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.AspNetCore.Mvc.Internal.ResourceInvoker.<InvokeFilterPipelineAsync>d__17.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.AspNetCore.Mvc.Internal.ResourceInvoker.<InvokeAsync>d__15.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.AspNetCore.Builder.RouterMiddleware.<Invoke>d__4.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware.<Invoke>d__7.MoveNext()
我开始摆弄项目模板,并注意到我可以使用带有 Windows 身份验证的标准模板ASP.NET Core Web 应用程序(模型-视图-控制器)轻松重现这一点。
Program.cs 文件更改如下:
public static IWebHost BuildWebHost(string[] args) =>
WebHost.CreateDefaultBuilder(args)
.UseHttpSys(options =>
{
options.Authentication.Schemes = AuthenticationSchemes.NTLM;
options.Authentication.AllowAnonymous = true;
options.MaxConnections = 100;
options.MaxRequestBodySize = 30000000;
options.UrlPrefixes.Add("http://localhost:5000");
})
.UseStartup<Startup>()
.Build();
这直接来自HttpSys 文档。 我还向HomeController
类添加了[Authorize]
属性。 现在,它将产生与所示完全相同的异常。
我发现了一些相关的 Stack Overflow 帖子( here 、 here和here ),但它们都没有处理普通的 Windows 身份验证(而且答案似乎没有概括)。
在写这篇文章时,我记得遇到过迁移指南的这个小节。 它说要添加
services.AddAuthentication(Microsoft.AspNetCore.Server.IISIntegration.IISDefaults.AuthenticationScheme);
到ConfigureServices
函数。
我最初认为这不适用于 HttpSys,考虑到常量的全名(尤其是IISIntegration
让我失望)。 此外,在撰写本文时, HttpSys 文档完全没有提及这一点。
对于面向完整 .NET Framework 的用户,这需要安装Microsoft.AspNetCore.Authentication
NuGet 包。
编辑
正如 Tratcher 所指出的,您应该使用HttpSys
命名空间中的一个类似常量:
Microsoft.AspNetCore.Server.HttpSys.HttpSysDefaults.AuthenticationScheme
安德烈亚斯的回答让我走上了正确的道路,但这对我有用:
添加了对Microsoft.AspNetCore.Authentication
的包引用
然后对于Startup.cs
using Microsoft.AspNetCore.Server.IISIntegration;
public void ConfigureServices(IServiceCollection services)
{
...
services.AddAuthentication(IISDefaults.AuthenticationScheme);
...
}
另一件事,如果您已经添加了services.AddAuthentication(IISDefaults.AuthenticationScheme);
确保在应用程序→身份验证下的 IIS 中打开身份验证类型(窗口、表单)。
我的都被禁用了,即使代码到位,也会出现这个错误。
如果仍然无法正常工作,请确保您配置了 launchsettings.json
{
"iisSettings": {
//...
"windowsAuthentication": true,
"anonymousAuthentication": true,
//...
},
"profiles": {
"IIS Express": {
//...
"windowsAuthentication": true,
"anonymousAuthentication": true,
//...
}
}
//...more stuff
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.