如何将Windows身份验证凭据从客户端传递到Web API服务 [英] How to pass Windows Authentication credential from client to Web API service

问题描述

在公司环境中，我有IIS7.5托管Web API服务和一个单独的网站，该网站通过RestSharp库对该服务进行调用.两者当前都配置有Windows身份验证.

Inside my corporate environment, I have IIS7.5 hosting both a Web API service and a separate website which makes calls into that service via the RestSharp library. Both are currently configured with Windows Authentication.

如果我使用浏览器导航到任一浏览器，系统会提示我输入Windows凭据，并且一切正常……我得到了想要的网页，而REST服务吐出了我的数据.我正在努力弄清的部分是如何使用单个凭据对两者进行身份验证.我无法弄清楚如何将网站的凭据传递给服务(我曾尝试模拟，但没有用)，或手动提示用户输入用户名/密码，然后使用"Windows"进行身份验证.

If I navigate to either one with a browser, I'm prompted to enter my windows credential, and everything works great... I get web pages that I want and the REST service spits out my data. The part I'm struggling to figure out is how to use a single credential to authentication both. I can't figure out how to either pass the Website's credential to the service (I tried impersonating but it didn't work), or to manually prompt the user for username/password and then authenticate them with "Windows".

帮助菜鸟吗?

推荐答案

如果您在网站上使用模拟并且API在同一服务器上运行，则它应该可以工作.

If you use impersonation on your web site and the API is running on the same server it should work.

http://msdn.microsoft.com /en-us/library/aa292118(v=vs.71).aspx

但是，如果将API从站点移到其他服务器，则它将停止工作.两台服务器的安装程序需要Kerberos委派.

However, if you would move the API to a different server from the site this will stop working. A two-server setup requires Kerberos delegation.

这篇关于如何将Windows身份验证凭据从客户端传递到Web API服务的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！