Windows和.Net Core 2.0中的匿名身份验证 [英] Windows and Anonymous Authentication in .Net Core 2.0

问题描述

我正在尝试在 .Net Core 2.0 空Web应用程序中混合使用 Windows 和匿名身份验证.我想避免使用[Authorize] 属性，因为我不想使用Mvc或控制器.

I'm trying to mix Windows and Anonymous authentication in a .Net Core 2.0 empty web app. I would like to avoid the [Authorize] attribute as I do not want to use Mvc or controllers.

我的设置如下:

1. 我创建了一个空的.Net Core 2.0 Web应用程序

1. I created an empty .Net Core 2.0 web application

我转到了项目属性->调试->选中了启用Windows身份验证"并禁用了启用匿名身份验证". 现在，在我的launchSettings.json中的"IIS"下出现了"windowsAuthentication":true和"anonymousAuthentication":false.

I went to project properties -> Debug -> Checked "Enable Windows Authentication" and disabled "Enable Anonymous Authentication". Now "windowsAuthentication": true and "anonymousAuthentication": false appeared in my launchSettings.json under "IIS".

在Startup.cs内部，在我添加的ConfigureServices中 services.AddAuthentication(Microsoft.AspNetCore.Server.IISIntegration.IISDefaults.AuthenticationScheme); rel ="noreferrer"> https://docs.microsoft.com/zh-cn/aspnet/core/migration/1x-to-2x/identity-2x#windows-authentication-httpsys--iisintegration

Inside Startup.cs, in ConfigureServices I added services.AddAuthentication(Microsoft.AspNetCore.Server.IISIntegration.IISDefaults.AuthenticationScheme); as mentioned in https://docs.microsoft.com/en-us/aspnet/core/migration/1x-to-2x/identity-2x#windows-authentication-httpsys--iisintegration

我添加了一个简单的Console.WriteLine(context.User.Identity.Name);来查看它是否可以在app.Run和...内部运行 一切正常！

I added a simple Console.WriteLine(context.User.Identity.Name); to see that it works inside app.Run and... It all works!

但是...只要在launchSettings.json中将"anonymousAuthentication"设置为true，它就会停止工作，并且我不知道该怎么做才能使Windows身份验证与之同时工作. Context.User.Identity.IsAuthenticated始终为假. 如您所见，我的配置非常简单，我需要它保持这种方式.我想在某些动态路由上启用/禁用Windows身份验证，因此不能使用具有[Authorize]属性的控制器.

However... as soon as I set "anonymousAuthentication" to true in launchSettings.json it stops working and I cannot figure out what can I do to make the Windows authentication work alongside with it. Context.User.Identity.IsAuthenticated is always false. As you can see my configuration is very simple and I need it to stay this way. I want to enable/disable windows authentication on certain dynamic routes, so using controllers with the [Authorize] attribute is not an option.

我要实现的是一个简单的应用程序，其中URL"/authenticated"将使用context.User.Identity.Name的值进行答复，URL"/public"将使用诸如这是公共页面！"的答复. ". 类似于在ASP.NET Core中特定路由上的NTLM身份验证，但没有[Authorize]属性和控制器. 资源非常稀缺...有人知道我可能会缺少什么吗? 谢谢！

What I'm trying to achieve is a simple app where the url "/authenticated" would reply with the value of context.User.Identity.Name and the url "/public" would reply with something like say "This is a public page!". Something similar to NTLM authentication on specific route in ASP.NET Core but without the [Authorize] attribute and controllers. The resources are very scarce... Anyone have any idea what I could be missing? Thanks!

推荐答案

匿名者优先.当您收到对应用程序受限部分的匿名请求时，需要调用httpContext.ChallengeAsync().这将导致客户端在下一个请求上发送凭据. 这是执行此操作的测试.

Anonymous takes precedence. You need to call httpContext.ChallengeAsync() when you get an anonymous request to a restricted part of your app. That will cause the client to send credentials on the next request. Here's a test that does this.

这篇关于Windows和.Net Core 2.0中的匿名身份验证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！