Windows身份验证的OWIN自托管-AllowAnonymous无法正常工作 [英] owin self-host with windows authentication - AllowAnonymous not working

问题描述

我已启用Windows身份验证如此处所述

一切正常，只有一个小问题:这样做使每种控制器方法都受到Windows身份验证的保护.我认为没问题，只需对少数几种可以进行匿名访问的控制器方法使用[AllowAnonymous]装饰器，但这是行不通的.

有什么方法可以使自主机不授权每个控制器上的每个方法?

解决方案

您必须启用Windows身份验证和匿名身份验证. 文档.照原样，您已经告诉Owin要求Windows身份验证并禁止其他任何操作.

在您引用的代码中，您将对此进行更改:

listener.AuthenticationSchemes = AuthenticationSchemes.IntegratedWindowsAuthentication 
                               | AuthenticationSchemes.Anonymous;

I've enabled Windows authentication as described here

It all works fine, there's just a tiny issue: Doing so makes every controller method protected by windows authentication. NO problem I thought, just use the [AllowAnonymous] adorner on the few controller methods where anonymous access is okay, but that won't work.

Is there any way to get the self-host to not authorized every method on every controller?

解决方案

You have to enable Windows auth and anonymous auth. documentation. As is, you have told Owin to require Windows auth and disallow anything else.

In the code you cited, you would change this:

listener.AuthenticationSchemes = AuthenticationSchemes.IntegratedWindowsAuthentication 
                               | AuthenticationSchemes.Anonymous;

这篇关于Windows身份验证的OWIN自托管-AllowAnonymous无法正常工作的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！