在ASP.NET中,Windows身份验证日志中是否有失败触发的事件?(记录Windows身份验证失败的详细信息) [英] In ASP.NET is there an event fired on a Windows Authentication log in failure? (Logging the details of a Windows Authentication failure)
问题描述
我正在构建一个以集成模式在IIS 7.5上运行的.NET 4.0,ASP.NET MVC 3 Intranet应用程序.Windows身份验证用于管理对网站的访问.Windows身份验证模块已启用,所有其他身份验证模块均已禁用.
I am building a .NET 4.0, ASP.NET MVC 3 intranet application that runs on IIS 7.5 in integrated mode. Windows Authentication is used to govern access to the website. The Windows Authentication module is enabled and all other auth modules are disabled.
当前,当用户提供不正确的凭据时,Windows身份验证模块会正确拒绝凭据并重新显示登录提示.它会执行3次,然后显示标准的.NET 401未经授权访问页.这是预料之中的,也是可取的.
Currently when a user provides improper credentials, the Windows Authentication module correctly rejects the credentials and re-displays a login prompt. It does so 3 times, after which a standard .NET 401 Unauthorized Access page is shown. This is expected and desirable.
我的目标:我希望能够将身份验证失败的详细信息记录到我自己的自定义事件日志中.特别是,要捕获尝试登录时使用的用户名.(出于安全原因,我会接受不太可能捕获密码.)
My goal: I would like to be able to log the details of the failed authentication attempt to my own custom event log. Particularly, to capture the user name that was used in the log in attempt. (I'll accept that capturing the password is not likely to be possible for security reasons.)
我的目标有可能吗?
我已经构建了一个工作的IHttpModule模块,并将其作为事件处理程序添加到
I have already built a working an IHttpModule module and added it as an event handler to the WindowsAuthenticationModule, like this:
myWindowsAuthenticationModule.Authenticate += WindowsAuthentication_Authenticate;
但是在尝试登录失败的情况下,不会调用我的代码,大概是因为WindowsAuthenticationModule已经确定登录失败,所以没有必要调用我的模块.成功尝试登录后,我的模块执行被调用,因此可以肯定我的事件处理程序已正确设置.
But my code does not get called in the case of a failed log in attempt, presumably because WindowsAuthenticationModule has already decided that the log in is failed and so there is no point calling my module. My module does get called after a successful log in attempt, and so I am certain that my event handler is properly set up.
据我所知,WindowsAuthenticationModule不会公开身份验证失败时触发的事件,因此该选项不可用.
To the best of my knowledge, the WindowsAuthenticationModule does not expose an event that is fired when authentication fails, so that option is out.
有什么想法吗?还是我吠叫没有解决方案的树?
Any ideas? Or am I barking up a tree that has no solution?
推荐答案
我一直在寻找相同的问题,并且似乎没有Windows身份验证事件,即使Authenticate事件对于表单和Windows也很常见.
I was looking at the same issue, and looks like there is no events for windows authentication, even that Authenticate event is common for forms and windows.
但是我找到了解决方案!
But I found a solution to this!
http://www.codeproject.com/Articles/11202/Redirecting-to-custom-401-page-when-quot-Access-de
更新
摘自原始文章
protected void Application_EndRequest(Object sender, EventArgs e)
{
HttpContext context = HttpContext.Current;
if (context.Response.Status.Substring(0,3).Equals("401"))
{
if(User.Identity.IsAuthenticated)
{
// this means user is authenticated, but 401 still returned
// which means no access to page or whatever you are trying to access?
}
}
}
UPDATE2
我还发现该解决方案并非在所有情况下都有效.我在不同的环境中进行测试,因此为我工作,但为其他人工作.
I also found out that this solution doesn't work in all cases. I was testing in different environments, so was working for me, but not for others.
默认情况下,IIS甚至不会运行这段代码,只是返回它自己的错误页面,您要做的就是告诉IIS让应用程序处理错误.
By default IIS will not even run this piece of code and just return it's own error page, what you want to do is tell IIS to let app handle errors.
<httpErrors existingResponse="PassThrough">
</httpErrors>
现在,这样说来,IIS将不再返回任何自定义错误,您将需要在应用程序中处理它们,即.不仅是401,还有403、405等
Now, with that said, IIS won't return any more of custom errors and you will need to handle them in application, ie. not only 401, but 403, 405, etc
这篇关于在ASP.NET中,Windows身份验证日志中是否有失败触发的事件?(记录Windows身份验证失败的详细信息)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
