ASP.NET Core 2.0 HttpSys Windows身份验证失败,带有Authorize属性(InvalidOperationException:未指定authenticationScheme) [英] ASP.NET Core 2.0 HttpSys Windows Authentication fails with Authorize attribute (InvalidOperationException: No authenticationScheme was specified)
问题描述
我正在尝试将ASP.NET Core 1.1应用程序迁移到ASP.NET Core 2.0.
I am trying to migrate an ASP.NET Core 1.1 application to ASP.NET Core 2.0.
该应用程序非常简单,涉及以下内容:
The application is fairly simple and involves the following:
- 托管在HttpSys(以前是WebListener)上
- 使用Windows身份验证:
options.Authentication.Schemes = AuthenticationSchemes.NTLM - 允许匿名身份验证:
options.Authentication.AllowAnonymous = true(因为有些控制器不需要身份验证) - 需要身份验证的控制器装饰有
[Authorize]属性.
- Hosted on HttpSys (formerly WebListener)
- Using Windows authentication:
options.Authentication.Schemes = AuthenticationSchemes.NTLM - Allowing anonymous authentication:
options.Authentication.AllowAnonymous = true(because there are some controllers that do not require authentication) - Controllers that require authentication are decorated with the
[Authorize]attribute.
该项目可以编译并正常启动.它还为不需要身份验证的控制器提供服务.
The project compiles and starts up just fine. It also serves actions of controllers that do not require authentication.
但是,一旦我击中具有[Authorize]属性的控制器,就会出现以下异常:
However, as soon as I hit a controller with the [Authorize] attribute, I get the following exception:
System.InvalidOperationException: No authenticationScheme was specified,
and there was no DefaultChallengeScheme found.
at Microsoft.AspNetCore.Authentication.AuthenticationService.<ChallengeAsync>d__11.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.AspNetCore.Mvc.ChallengeResult.<ExecuteResultAsync>d__14.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.AspNetCore.Mvc.Internal.ResourceInvoker.<InvokeResultAsync>d__19.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.AspNetCore.Mvc.Internal.ResourceInvoker.<InvokeFilterPipelineAsync>d__17.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.AspNetCore.Mvc.Internal.ResourceInvoker.<InvokeAsync>d__15.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.AspNetCore.Builder.RouterMiddleware.<Invoke>d__4.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware.<Invoke>d__7.MoveNext()
我开始摆弄项目模板,并注意到我可以使用带有Windows身份验证的标准模板 ASP.NET Core Web应用程序(模型-视图-控制器)轻松重现此模板.
I started fiddling around with the project templates and noticed that I could reproduce this easily using the standard template ASP.NET Core Web Application (Model-View-Controller) with Windows Authentication.
Program.cs文件的更改如下:
The Program.cs file was changed as follows:
public static IWebHost BuildWebHost(string[] args) =>
WebHost.CreateDefaultBuilder(args)
.UseHttpSys(options =>
{
options.Authentication.Schemes = AuthenticationSchemes.NTLM;
options.Authentication.AllowAnonymous = true;
options.MaxConnections = 100;
options.MaxRequestBodySize = 30000000;
options.UrlPrefixes.Add("http://localhost:5000");
})
.UseStartup<Startup>()
.Build();
这直接来自 HttpSys文档.另外,我在HomeController类中添加了[Authorize]属性.现在,它将产生与所示完全相同的异常.
This comes straight from the HttpSys documentation. Also I added the [Authorize] attribute to the HomeController class. Now, it will produce exactly the same exception as shown.
我找到了一些相关的Stack Overflow帖子(此处,此处和
I found some related Stack Overflow posts (here, here and here), but none of them deals with plain Windows Authentication (and the answers do not seem to generalize).
推荐答案
While writing up the post, I remembered coming across this subsection of the migration guide. It says to add
services.AddAuthentication(Microsoft.AspNetCore.Server.IISIntegration.IISDefaults.AuthenticationScheme);
到ConfigureServices功能.
考虑到常量的全名,我最初认为这不适用于HttpSys(尤其是IISIntegration使我失望).此外,在撰写本文时,完全 HttpSys文档没提这个.
I initially thought that this wouldn't apply to HttpSys, given the full name of the constant (especially the IISIntegration threw me off). Moreover, as of this writing, the HttpSys documentation completely fails to mention this.
对于那些针对整个.NET Framework的用户,这需要安装Microsoft.AspNetCore.Authentication NuGet软件包.
For those targeting the full .NET Framework, this requires installing the Microsoft.AspNetCore.Authentication NuGet Package.
编辑
正如Tratcher所指出的,您应该使用HttpSys命名空间中的类似常量:
As Tratcher points out, there is a similar constant from the HttpSys namespace you should rather use:
Microsoft.AspNetCore.Server.HttpSys.HttpSysDefaults.AuthenticationScheme
这篇关于ASP.NET Core 2.0 HttpSys Windows身份验证失败,带有Authorize属性(InvalidOperationException:未指定authenticationScheme)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
