Windows 身份验证和 Angular 7 应用程序 [英] Windows Authentication and Angular 7 application
问题描述
我开发了内网应用
后端:ASP.NET WEB API-2(所有控制器都有授权属性),前端:Angular 7(在 prod 构建之后,我将生成的脚本移动到我的后端项目):
Backend: ASP.NET WEB API-2 (All controllers have Authorize attribute), Frontend: Angular 7 (after prod build I moved generated scripts to my backend project):
....
<app-root>
<div id="preloader"></div>
</app-root>
<script type="text/javascript" src="~/Scripts/SPA/runtime.26209474bfa8dc87a77c.js"></script>
<script type="text/javascript" src="~/Scripts/SPA/es2015-polyfills.bda95d5896422d031328.js" nomodule></script>
<script type="text/javascript" src="~/Scripts/SPA/polyfills.8bbb231b43165d65d357.js"></script>
<script type="text/javascript" src="~/Scripts/SPA/main.122a2bd84f391ab8df1d.js"></script>
</body>
问题是在部署到服务器后提示输入我的用户名/密码.如果用户输入凭据,它工作正常,但我希望应用程序自动获取登录的用户.
The problem is am getting prompted to enter my username/password after deployment to server.If user enters credentials it works perfectly, but I want the application to grab logged user automaticaly.
这是我的 web.config
this is my web.config
<authentication mode="Windows" />
<authorization>
<deny users="?" />
</authorization>
这是我的角度拦截器
import { Injectable } from '@angular/core';
import { HttpInterceptor, HttpRequest, HttpHandler, HttpEvent } from '@angular/common/http';
import { Observable } from 'rxjs';
@Injectable()
export class CredentialsInterceptor implements HttpInterceptor {
intercept(request: HttpRequest<any>, next: HttpHandler): Observable<HttpEvent<any>> {
request = request.clone({
withCredentials: true
});
return next.handle(request);
}
}
在 Visual Studio 2019 项目设置中
in Visual Studio 2019 project settings
匿名身份验证:已启用
Windows 身份验证:已启用
Windows Authentication:Enabled
管理管道模式:集成
Global.asax
Global.asax
protected void Application_BeginRequest(Object sender, EventArgs e)
{
//Preflight request comes with HttpMethod OPTIONS
//The following line solves the error message
//HttpContext.Current.Response.AddHeader("Access-Control-Allow-Origin", "http://localhost:4202");
HttpContext.Current.Response.AddHeader("Access-Control-Allow-Credentials", "true");
if (HttpContext.Current.Request.HttpMethod == "OPTIONS")
{
HttpContext.Current.Response.AddHeader("Cache-Control", "no-cache");
HttpContext.Current.Response.AddHeader("Access-Control-Allow-Methods", "GET, POST");
HttpContext.Current.Response.AddHeader("Access-Control-Allow-Headers", "Content-Type, Accept, Pragma, Cache-Control, Authorization");
HttpContext.Current.Response.End();
}
}
推荐答案
输入凭据后一切正常的事实意味着这是客户端问题,而不是服务器端问题.浏览器不会自动发送您的凭据.
The fact that everything works when you type in your credentials means that this is a client-side problem, not server-side. The browser is not automatically sending your credentials.
仅当站点位于 Internet 选项中的受信任站点列表中时,Chrome 和 IE 才会自动发送当前登录用户的凭据.
Chrome and IE will automatically send the credentials of the currently-logged-on user only if the site is in the list of Trusted Sites in Internet Options.
- 打开开始"菜单.
- 输入Internet 选项"并点击它.
- 点击安全"标签.
- 点击可信站点"图标.
- 点击网站"按钮.
- 将您网站的域添加到列表中.您可以使用通配符.
这也可以通过组策略进行设置,因此可以将设置推送到您组织中的每台计算机.请参阅答案 此处.
This can also be set via group policy, so the setting can be pushed to every computer in your organization. See the answer here.
Firefox 使用自己的设置:network.negotiate-auth.delegation-uris
.我相信这也可以通过组策略以某种方式设置.
Firefox uses its own setting: network.negotiate-auth.delegation-uris
. I'm sure that could be set via group policy somehow too.
这篇关于Windows 身份验证和 Angular 7 应用程序的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!