[英]asp net core 3.1 angular windows authentication required username and password
i'm using asp net core 3.1 with angular i want to combine windows authentication and JWT for canactivate in angular while routing and authorize the controller but always required windows username and password while i pass the token from interceptor to the controller
request.clone({ headers: request.headers.set('Authorization', 'Bearer ' + user.token) });
我的launchSettings.json 更改為以下
"windowsAuthentication": true,
"anonymousAuthentication": false,
將以下代碼添加到啟動 ConfigureServices
var appSettingsSection = Configuration.GetSection("AppSettings");
services.Configure<AppSettings>(appSettingsSection);
// configure jwt authentication
var appSettings = appSettingsSection.Get<AppSettings>();
var key = Encoding.ASCII.GetBytes(appSettings.Secret);
services.AddAuthentication(x =>
{
x.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
x.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
})
.AddJwtBearer(x =>
{
x.RequireHttpsMetadata = false;
x.SaveToken = true;
x.TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuerSigningKey = true,
IssuerSigningKey = new SymmetricSecurityKey(key),
ValidateIssuer = false,
ValidateAudience = false
};
});
將以下代碼添加到啟動配置
app.UseAuthentication();
app.UseAuthorization();
如果您將應用程序托管在 IIS 上,則幾乎無法將 windows 和 jwt 令牌身份驗證結合起來。 Both JWT and Windows authentication utilize the Authorization header in Http Request Header, but IIS takes it over first, when your request is a JWT request, the Authorization header you sent is some like this
Authorization: Bearer {jwtcontent}
Then iis windows authentication module takes over your request and found it can not recognize your Authorization header, so it responses to your request with 401 and a Authorization header like this(Negotiate)
Authorization: Negotiate YIIg8gYGKwY[...]hdN7Z6yDNBuU=
或(對於 NTLM)
Authorization: NTLM TlRMTVN[...]ADw==
您的瀏覽器收到此響應並發現服務器正在尋找 windows 憑據,因此它會彈出 windows 要求您輸入用戶名和密碼
所有這些都由 IIS 和瀏覽器處理,它甚至不會進入您的應用程序代碼。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.