使用集成Windows身份验证时,提示输入登录信息 [英] Prompt for login details when using Integrated Windows Authentication
问题描述
有关ASP.NET应用程序,我怎么能提示他们的用户名/密码的用户在使用集成Windows身份验证?我想用C#中的页面背后的code做到这一点。
For an ASP.NET application, how can I prompt the user for their username / password when Integrated Windows Authentication is used? I would like to use C# in the code behind of the pages to do this.
我想某些页面(如的http://内网/管理/ ),以提示输入密码,而其他人自动转到虽然(IWA通过/ NTLM)。然后,我会喜欢它要记住,用户登录,他们参观的文件夹/网站的其他网页,并提供一个注销链接时,他们都完成了。
I want some pages (e.g. http://intranet/admin/) to prompt for a password, while others automatically go though (via IWA/NTLM). I would then like it to remember that the user has logged in as they visit other pages in the folder / site and offer a logout link for when they are finished.
编辑:
我想要做的就是发送401状态和WWW-认证头给用户,让他们再登录使用其Windows凭据。
What I want to do is send a 401 status and WWW-Authentication headers to the user, so they then log in using their Windows Credentials.
基本上,火狐/ IE浏览器怎么做,如果该网站不被信任。
Basically, how Firefox / IE do it if the site isn't trusted.
编辑2:
做的SharePoint这种事情,在那里你自动登录,但可以注销并登录为别人而无需注销的Windows。
Edit 2: SharePoint does this kind of thing, where you automatically log in, but can log out and log in as someone else without needing to log out of Windows.
编辑3:
(比其他的SharePoint)的实例:您登录为标准(有限访问)的Windows / Active Directory的用户受信任的站点,它传递您的凭据。那么你要登录到不同的凭据(但仍然是Windows,而不是WebForms的)网站的管理员组成部分。这样做的唯一的另一种方法是,如果你注销Windows,然后重新登录。不实用,如果您有打开的文件(你可能希望访问)或管理员无法本地登录(交互式登录权限禁用)。模拟可以设置,在页面可以访问应用程序的一般用户帐户不(例如数据库,文件,活动目录管理)。
An example (other than SharePoint): You are logged in as a standard (limited access) Windows / Active Directory user to a trusted site, which passes on your credentials. You then want to log into an admin part of the site with different credentials (but still Windows, not WebForms). The only other way of doing it is if you log off Windows, then log in again. Not practical if you have files open (that you may wish to access) or the administrator can't log in locally (Interactive Login Privilege disabled). Impersonation may be set, as the page allows access to applications the regular user account doesn't (e.g. databases, files, Active Directory admin).
基本上使网站的行为中的一个页面,虽然它不是受信任的站点区域的一部分。
Basically making a page within the site behave as though it is not part of the Trusted Sites zone.
推荐答案
听起来像是你需要使用模拟。这可以让你运行方式另一个Windows用户。在这里看到: ASP.NET模拟
Sounds like you need to use Impersonation. This allows you to "run as" another Windows user. See here: ASP.NET Impersonation
这里有几个$ C $的CProject例子:
Here are a couple CodeProject examples:
这篇关于使用集成Windows身份验证时,提示输入登录信息的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
