NancyFx IIS和Windows身份验证 [英] NancyFx on IIS and Windows Authentication

问题描述

我已经转换一个MVC + AngularJS应用程序使用NancyFx + AngularJS（因为我没有真正使用任何MVC的东西）。我使用VS2013和它（在我的开发环境和IIS快递）IIS下运行。

I have converted a MVC + AngularJS application to use NancyFx + AngularJS (as I wasn't really using any MVC stuff). I am using VS2013 and it runs under IIS (and IIS Express in my dev environment).

我可以通过检查OwinEnvironment的server.User组分获得登录的用户的电流。我目前使用Microsoft.Owin.Host.SystemWeb按照大多数演示。当我添加一个RequiresAuthentication到我的模块中的GET请求，我得到一个弹出IE中输入凭据即使我登录，即使当我输入的凭据，我只是不断收到弹出窗口和它永远不会到达。该网站

I can obtain the current logged in user by examining the server.User component of the OwinEnvironment. I am currently using Microsoft.Owin.Host.SystemWeb as per most of the demos. When I add a RequiresAuthentication to a Get request in my module, I get a pop-up in IE to enter credentials even though I'm logged in. Even when I enter the credentials, I just keep getting pop-ups and it never reaches the site.

我有几个问题：

1）如果使用Windows身份验证和RequiresAuthentication做我还需要身份验证模式=窗口在web.config。

1) If using Windows Authentication and RequiresAuthentication do I still need authentication mode="Windows" in the web.config.

2）是否有可能以避免使用IIS没有Microsoft.Owin.Host.SystemWeb ASP.NET管道？我碰到有关Project赫利俄斯和Microsoft.Owin.Host.IIS（的NuGet），但一直没有工作了一段文章，只是一个阿尔法 - 是什么？与此发生

2) Is it possible to use IIS without Microsoft.Owin.Host.SystemWeb in order to avoid the ASP.NET pipeline? I came across articles about Project Helios and Microsoft.Owin.Host.IIS (Nuget) but this hasn't been worked on for a while and is only an Alpha - what's happening with this?

3）什么是使用IIS，NancyFX和RequiresAuthentication Windows身份验证和角色的事实上的方法是什么？

3) What is the de facto way of using IIS, NancyFX and Windows Authentication with RequiresAuthentication and Roles?

我已经看了许多文章和计算器问题，但还没有找到一个明确的答案。

I've looked at many articles and stackoverflow questions but have yet to find a definitive answer.

推荐答案

1）是的，你必须告诉IIS模块来使用Windows身份验证

1) Yes, you have to tell the IIS module to use Windows Authentication

2）我不这么认为。虽然你可以用做自我OWIN托管，如果你真的不喜欢IIS Windows验证

2) I do not believe so. Although you can do windows auth using OWIN self hosting if you really don't like IIS

即使你有IIS设置为赢得权威性，南希不承认这一点的thie框。你可以验证使用Pipelines.BeforeRequest在引导程序通过重写RequestStartup（）当前的请求，并设置当前用户的用户名。下面假设.NET 4.5

Even if you have IIS set to win auth, nancy does not recognize this out of thie box. You can authenticate the current request using the Pipelines.BeforeRequest in the bootstrapper by overriding RequestStartup() and setting the current users, username. The following assumes .NET 4.5

当然，你可能想要做标准零检查，什么不是。

Of course you may want to do standard null checking and what not.

public class User : IUserIdentity
{
    private readonly ClaimsPrincipal claimsPrincipal;

    public User(ClaimsPrincipal claimsPrincipal)
    {
        this.claimsPrincipal = claimsPrincipal;
    }

    public string UserName { get { return claimsPrincipal.Identity.Name; } }
    public IEnumerable<string> Claims { get { return claimsPrincipal.Claims.Select(c => c.ToString()); } }
}
public class Bootstrapper : DefaultNancyBootstrapper
{
    protected override void RequestStartup(TinyIoCContainer container, IPipelines pipelines, NancyContext context)
    {
        pipelines.BeforeRequest += ctx =>
        {
            ctx.CurrentUser = new User(Thread.CurrentPrincipal as ClaimsPrincipal);
            return null;
        };
    }

}

这篇关于NancyFx IIS和Windows身份验证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！