使用ServerManager类配置IIS身份验证设置 [英] Configure IIS authentication settings using the ServerManager class

问题描述

我正在使用ServerManager类(来自Microsoft.Web.Administration)在运行IIS 7的服务器上创建应用程序.我想配置应用程序是基于应用程序使用匿名身份验证还是基于Windows身份验证，因此我可以不只是要求IT更改根站点上的设置.该应用程序的内容属于第三方，因此我不允许在应用程序内部更改web.config文件.

I'm using the ServerManager class (from Microsoft.Web.Administration) to create applications on a server running IIS 7. I want to configure whether the application uses anonymous authentication or Windows-authentication on an application-basis so I can't simply ask IT to change the settings on the root site. The contents of the application belongs to a third party so I'm not allowed to change the web.config file inside the application.

Application类没有公开任何有用的属性，但是也许我可以使用ServerManager的GetApplicationHostConfiguration方法完成某些工作?

The Application class doesn't expose any useful properties, but maybe I could get something done using the ServerManager's GetApplicationHostConfiguration method?

推荐答案

听起来像您希望更改站点的Internet信息系统配置；如果正确的话，这样的事情应该起作用:

It sounds like your hoping to alter the Internet Information System configuration for the site; if that is correct something like this should work:

using (ServerManager serverManager = new ServerManager())
{
    Configuration config = serverManager.GetWebConfiguration("Contoso");
    ConfigurationSection authorizationSection = config.GetSection("system.webServer/security/authorization");
    ConfigurationElementCollection authorizationCollection = authorizationSection.GetCollection();

    ConfigurationElement addElement = authorizationCollection.CreateElement("add");
    addElement["accessType"] = @"Allow";
    addElement["roles"] = @"administrators";
    authorizationCollection.Add(addElement);

    serverManager.CommitChanges();
 }

上面的代码将允许您创建一个授权规则，该规则允许组中的特定用户访问特定站点.在这种情况下，站点是Contoso.

The above code will allow you to create an authorization rule that allows a particular user in a group to access a particular site. In this case the site is Contoso.

这将禁用站点的匿名身份验证；然后启用基本&该站点的Windows身份验证:

Then this will disable Anonymous authentication for the site; then enable Basic & Windows Authentication for the site:

using(ServerManager serverManager = new ServerManager()) 
{ 
    Configuration config = serverManager.GetApplicationHostConfiguration();

    ConfigurationSection anonymousAuthenticationSection = config.GetSection("system.webServer/security/authentication/anonymousAuthentication", "Contoso");
    anonymousAuthenticationSection["enabled"] = false;

    ConfigurationSection basicAuthenticationSection = config.GetSection("system.webServer/security/authentication/basicAuthentication", "Contoso");
    basicAuthenticationSection["enabled"] = true;

    ConfigurationSection windowsAuthenticationSection = config.GetSection("system.webServer/security/authentication/windowsAuthentication", "Contoso");
    windowsAuthenticationSection["enabled"] = true;

    serverManager.CommitChanges();
}

或者，您可以根据需要简单地添加IIS管理器用户帐户；您可以将其设置为特定权限，以操纵和管理其他应用程序.

Or you can simply add an IIS Manager User Account if you'd like; which you can set to certain permissions to manipulate and manage those other applications.

using (ServerManager serverManager = new ServerManager())
{
    Configuration config = serverManager.GetAdministrationConfiguration();

    ConfigurationSection authenticationSection = config.GetSection("system.webServer/management/authentication");
    ConfigurationElementCollection credentialsCollection = authenticationSection.GetCollection("credentials");
    ConfigurationElement addElement = credentialsCollection.CreateElement("add");
    addElement["name"] = @"ContosoUser";
    addElement["password"] = @"P@ssw0rd";
    addElement["enabled"] = true;
    credentialsCollection.Add(addElement);

    serverManager.CommitChanges();
}

Internet信息系统具有很大的灵活性；它非常强大.那里的参考文献也相当深入.这些示例无能为力，无法适应您的特定用法，或者至少提供了一定程度的理解，以使其能够执行您想要的操作.

There is a lot of flexibility within Internet Information System; its quite powerful. The documentation through there reference is also quite in depth. The examples are quite inept to be adapted to your particular usage or at least provide a level of understanding to make it do what you want.

希望能提供帮助，这些示例来自此处:

Hopefully that help, those examples came from here:

这篇关于使用ServerManager类配置IIS身份验证设置的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！