什么是“通过认证"?在IIS 7中? [英] What is "pass-through authentication" in IIS 7?
问题描述
在IIS 7中,我为网站指定了物理路径并单击测试设置"按钮后,收到以下警告:
In IIS 7, after I specify the physical path for my website and click the "Test Settings" button, I get the following warning:
服务器配置为对内置帐户使用传递身份验证来访问指定的物理路径.但是,IIS管理器无法验证内置帐户是否具有访问权限.确保应用程序池标识具有对物理路径的读取"访问权限.如果此服务器已加入域,并且应用程序池标识为NetworkService或LocalSystem,请验证
< domain> \< computer_name> $对物理路径具有读取权限.然后再次测试这些设置.
The server is configured to use pass-through authentication with a built-in account to access the specified physical path. However, IIS Manager cannot verify whether the built-in account has access. Make sure that the application pool identity has Read access to the physical path. If this server is joined to a domain, and the application pool identity is NetworkService or LocalSystem, verify that
<domain>\<computer_name>$has read access to the physical path. Then test these settings again.
那么什么是传递身份验证?从字面上看,应该通过一些B传递一些A?那么A和B是什么?
So what is pass-through authentication? Literally, it should be pass some A through some B? So what are the A and B?
此外,我实际上正在使用内置的 ApplicationPoolIdentity .IIS为什么不能验证此帐户对物理路径具有适当的访问权限?为什么我需要自己进行验证?
Also, I am actually using the built-in ApplicationPoolIdentity. Why can't IIS verify that this account has proper access rights to the physical path? Why do I need to verify it myself?
推荐答案
通常,IIS将使用进程标识(运行此工作进程的用户帐户)访问文件系统或网络等受保护的资源.
Normally, IIS would use the process identity (the user account it is running the worker process as) to access protected resources like file system or network.
通过直通身份验证,IIS在访问受保护的资源时将尝试使用用户的实际身份.
With passthrough authentication, IIS will attempt to use the actual identity of the user when accessing protected resources.
如果用户未通过身份验证,则IIS将改用应用程序池标识.如果将池标识设置为NetworkService或LocalSystem,则实际使用的Windows帐户是计算机帐户.
If the user is not authenticated, IIS will use the application pool identity instead. If pool identity is set to NetworkService or LocalSystem, the actual Windows account used is the computer account.
您看到的IIS警告不是错误,而只是警告.实际检查将在执行时执行,如果失败,它将显示在日志中.
The IIS warning you see is not an error, it's just a warning. The actual check will be performed at execution time, and if it fails, it'll show up in the log.
这篇关于什么是“通过认证"?在IIS 7中?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
