HttpContext.Current.User不填充使用Windows身份验证启用 [英] HttpContext.Current.User not populated with Windows Authentication enabled
问题描述
我在使用Windows身份验证一个asp.net Intranet应用程序。我创建的应用程序年前VS 2005,和windows身份验证位是工作完美。我的web.config具有以下(内线配置 - >的System.Web元素):
I have an asp.net intranet application using windows authentication. I created the application years ago with VS 2005, and the windows authentication bit was working perfectly. My web.config has the following (inside configuration -> system.web element):
<authentication mode="Windows" />
<authorization>
<deny users="?"/>
</authorization>
我测试这个在Firefox中确认的凭证是必需的,而事实上我提示我的网络凭据第一次访问该网站的时候,而我拒绝,如果它们是无效的。
I test this in Firefox to confirm that the credentials are required, and indeed I'm prompted for my network credentials when first accessing the site, and I'm denied if they are invalid.
然而,当我尝试访问HttpContext.Current.User.Identity,对象具有名称和AuthenticationType,和认证=假空字符串。我想我可能需要环视interwebs后,使WindowsTokenRoleProvider,而这并没有改变什么。
However, when I try to access HttpContext.Current.User.Identity, the object has empty strings for Name and AuthenticationType, and Authenticated = false. I thought I might need to enable the WindowsTokenRoleProvider after looking around the interwebs, and this did not change anything.
<roleManager defaultProvider="WindowsProvider" enabled="true" cacheRolesInCookie="false">
<providers>
<clear/>
<add name="WindowsProvider" type="System.Web.Security.WindowsTokenRoleProvider"/>
</providers>
</roleManager>
两件事情,因为我已经看到了它的工作是通过转换向导升级项目,VS 2008的最后一次,我已经做了,我也把它放下了好几个月,而我的同事可能会在它的工作在这里或那里。我是pretty的肯定会影响到我User.Identity的唯一事情是在上面提到的web.config中的值,但显然我做错了什么。任何人都遇到类似的问题,或者看到的东西,我做错了什么?谢谢你。
Two things I've done since the last time I've seen it work are upgrade the project to VS 2008 through the conversion wizard, and I also put it down for several months while my co-workers may have worked on it here or there. I was pretty sure that the only thing that affects my User.Identity are the values in the web.config mentioned above, but apparently I'm doing something wrong. Anyone else encounter a similar issue or see something I'm doing wrong? Thanks.
推荐答案
请确保您的&LT;的HttpModules&GT; 部分尚未清除。你的机器的web.config文件中应包括这样一个片段:
Make sure your <httpModules> section hasn't been cleared. Your machine's web.config file should include a snippet like this:
<httpModules>
<!-- ... -->
<add name="WindowsAuthentication" type="System.Web.Security.WindowsAuthenticationModule" />
<!-- ... -->
<add name="AnonymousIdentification" type="System.Web.Security.AnonymousIdentificationModule" />
<!-- ... -->
</httpModules>
这里最重要的元素是 WindowsAuthentication 。请确保它在你的的%SystemRoot%\ Microsoft.NET \框架\ V2.0.50727 \ CONFIG \ Web.config文件文件。此外,还要确定出现在父的网站站点或文件夹包括您自己的网站和所有的web.config文件没有一个&LT;清/&GT; 标签在其&LT;的HttpModules&GT; 部分。如果没有 WindowsAuthentication 模块,这并不重要,如果浏览器迫使你登录或不... ASP.NET将永远不会实际设置用户属性没有这个模块包括在内。
The important element here is WindowsAuthentication. Make sure that it's in your %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\CONFIG\Web.config file. Also, make certain that both your own web site and any web.config file that appears in a "parent" site site or folder does not have a <clear/> tag in its <httpModules> section. Without the WindowsAuthentication module, it doesn't matter if the browser forces you to log in or not... ASP.NET will never actually set the User property without this module included.
订货的的HttpModules 也显著,尤其我相信 WindowsAuthentication 模块需要出现的前的的 AnonymousIdentification 之一。
Ordering of httpModules is also significant, and in particular I believe the WindowsAuthentication module needs to appear before the AnonymousIdentification one.
这篇关于HttpContext.Current.User不填充使用Windows身份验证启用的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
