Windows身份验证支持ASP.NET 5测试版8 [英] Windows Authentication support in ASP.NET 5 beta 8

问题描述

我有一个ASP.NET MVC 5 6的Web API项目。大多数API端点有[授权]属性，和Windows身份验证在IIS都和Visual Studio中的项目的属性启用。这一切都在测试7工作正常。

在测试版8，但是，这是行不通的。这很容易用完全干净的项目，以重现此：

1. 使用ASP.NET的Web 5 API模板创建新的项目。


2. 在该项目（不解决方案），转到调试选项卡，启用Windows身份验证和禁用匿名获取属性。保存更改。


3. 按F5，让它尝试运行该项目。

结果：

  

出错试图确定DNX进程的进程ID托管的应用程序。

<醇开始=4>

现在，回到项目属性和启用匿名。离开Windows中启用为好。保存更改。

转到您的控制器，并添加[授权]属性。

再次F5。

结果：

该项目启动这个时候，但Web API在输出窗口返回500。注意：

  

Microsoft.AspNet.Mvc.Controllers.ControllerActionInvoker：警告：授权失败在过滤器'Microsoft.AspNet.Mvc.Filters.AuthorizeFilter的要求

该项目还当发布到IIS不工作。

由于在公测指出8 <一个href=\"http://blogs.msdn.com/b/webdev/archive/2015/10/15/announcing-availability-of-asp-net-5-beta8.aspx\">announcement,托管模式发生了变化，使得IIS现在传递的请求通过对红隼。该服务器页面不给那个红隼支持Windows身份验证的任何迹象。有一些窍门能让Windows身份验证测试版8工作吗？

解决方案

这似乎是一个已知使用IIS防爆preSS 错误时，在Visual Studio调试工具。在此之前，是固定的，我已经找到了唯一的解决方法是通过WebListener而不是IIS防爆preSS运行调试。要这样设置，在您的Startup.cs配置的方法添加：

  //如果我们自托管，启用集成身份验证（如果我们使用
// IIS，这将是在IIS配置级别进行）。
VAR听者= app.ServerFeatures.Get＆LT; WebListener＆GT;（）;
如果（听众！= NULL）
{
    listener.AuthenticationManager.AuthenticationSchemes =
        AuthenticationSchemes.NTLM;
}
 

然后在project.json添加weblistener CMD如下：

 命令：{
  weblistener：Microsoft.AspNet.Server.WebListener --config hosting.ini，
  网络：Microsoft.AspNet.Server.Kestrel
}，
 

...或类似的。然后，如果你调试使用weblistener配置文件而不是IIS防爆preSS（或网页，其中红隼在不支持NTLM），你应该能够进行，而IIS防爆preSS工具的bug解决工作。你需要 Microsoft.AspNet.Server.WebListener 添加到您的project.json的依赖，使WebListener，我相信。

我发现，如果我直接在project.json改变了网络命令，Visual Studio的帮忙，换了回来，而积极，因此添加一个单独的命令的 /问题/ 419＃issuecomment-149300312相对=nofollow>似乎把一切都开心。

I have an ASP.NET 5 MVC 6 Web API project. Most of the API endpoints have the [Authorize] attribute, and Windows Authentication is enabled in both IIS and on the properties of the project in Visual Studio. This all works fine in beta 7.

In beta 8, however, this does not work. It's easy to reproduce this with a completely clean project:

1. Create a new project using the ASP.NET 5 Web API template.
2. Get properties on the project (not the solution), go to the Debug tab, enable Windows authentication and disable Anonymous. Save the changes.
3. Hit F5 and let it attempt to run the project.

Result:

An error occurred attempting to determine the process id of the DNX process hosting your application.

4. Now go back to the project properties and enable Anonymous. Leave Windows enabled as well. Save the change.
5. Go to your controller and add the [Authorize] attribute.
6. F5 again.

Result:

The project launches this time, but the web API returns a 500. Notice in the Output window:

Microsoft.AspNet.Mvc.Controllers.ControllerActionInvoker: Warning: Authorization failed for the request at filter 'Microsoft.AspNet.Mvc.Filters.AuthorizeFilter'.

The project also does not work when published to IIS.

As noted in the beta 8 announcement, the hosting model has changed such that IIS is now passing the request through to Kestrel. The Servers page doesn't give any indication that Kestrel supports Windows Authentication. Is there some trick to getting Windows Authentication working in beta 8?

解决方案

This seems to be a known bug in the Visual Studio debugging tooling when using IIS Express. Until that is fixed, the only workaround I've found is to debug by running through WebListener instead of IIS Express. To set this up, in your Configure method in Startup.cs add:

// If we're self-hosting, enable integrated authentication (if we're using
// IIS, this will be done at the IIS configuration level).
var listener = app.ServerFeatures.Get<WebListener>();
if (listener != null)
{
    listener.AuthenticationManager.AuthenticationSchemes = 
        AuthenticationSchemes.NTLM;
}

Then in project.json add a weblistener cmd as follows:

"commands": {
  "weblistener": "Microsoft.AspNet.Server.WebListener --config hosting.ini",
  "web": "Microsoft.AspNet.Server.Kestrel"
},

... or similar. Then if you debug using the weblistener profile instead of IIS Express (or web, which under Kestrel does not support NTLM), you should be able to carry on working while the IIS Express tooling bug is resolved. You'll need to add Microsoft.AspNet.Server.WebListener to your project.json dependencies to enable WebListener, I believe.

I found that if I changed the "web" command directly in project.json, Visual Studio helpfully changes it back rather aggressively, so adding a separate command as recommended by the Microsoft team seems to keep everything happy.

这篇关于Windows身份验证支持ASP.NET 5测试版8的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！