如何让在IIS 7.0的混合模式身份验证 [英] How to allow mixed-mode authentication in IIS 7.0

问题描述

你怎么后门用在IIS 7.0上运行的窗体身份验证身份验证的Windows用户进入网站？

How do you back-door authenticate Windows users into a website using forms authentication running on IIS 7.0?

推荐答案

创建一个单独的页面来处理Windows登录。该页面将验证用户，然后设置窗体的cookie他们。然后，将页面添加到web.config中告诉IIS 7到特定网页上使用Windows身份验证。

Create a separate page to handle windows logins. This page will authenticate the user and then set the Forms cookie for them. Then, add the page to the web.config to tell IIS 7 to use Windows authentication on that particular page.

<configuration>
...
<!-- this file captures the user and redirects to the login page -->
  <location path="Account/WindowsLogin.aspx">
    <system.web>
      <authorization>
        <allow users="*" />
      </authorization>
    </system.web>
    <system.webServer>
      <security>
        <authentication>
          <windowsAuthentication enabled="true" />
          <anonymousAuthentication enabled="false" />
        </authentication>
      </security>
    </system.webServer>
  </location>
</configuration>

这篇关于如何让在IIS 7.0的混合模式身份验证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！