IIS防爆preSS - 模仿Windows帐户 [英] IIS Express - Impersonate a windows account
问题描述
我使用的是IIS防爆preSS主办我的网站,我愿做类似目录安全性的东西在IIS 6在IIS 6中,我能够进入目录安全性选项卡,并允许匿名用户是本地Windows帐户。
I'm using IIS Express to host my website, and I would like to do something similar to Directory Security in IIS 6. In IIS 6, I was able to go to the Directory Security tab and allow the anonymous user to be a local windows account.
有没有的东西相当于在IIS防爆preSS?我需要什么样的变化对ApplicationHost.config做?
Is there something equivalent in IIS Express for that? What changes do I need to make in applicationhost.config?
感谢
推荐答案
IIS防爆preSS进程下的登录用户运行。使用默认设置,匿名请求将根据该方法的身份执行。
还有就是要明确的配置为用户匿名认证,在anonymousAuthentication部分编辑对ApplicationHost.config(在%USERPROFILE%\\文件\\ iisEx preSS \\设置\\),并设置您的匿名用户名和密码的方式< anonymousAuthentication启用=真的userName =富密码=酒吧>
IIS Express process runs under the logged on user. With default settings, anonymous requests will execute under the identity of the process.
There is a way to configure explicit user for anonymous authentication, by editing applicationhost.config (in "%userprofile%\documents\iisExpress\config\") and setting your anonymous user and password in anonymousAuthentication section
<anonymousAuthentication enabled="true" userName="foo" password="bar" >
注:
- 加密上下文不是设置为IIS防爆preSS(除非IIS正好也是安装在机器上),这样加密的设置将无法正常工作
- 的你不能让上面的设置编程的程序,因为设置将尝试设置加密密码,将失败。
- 配置的用户将无法访问%USERPROFILE%\\ Documents \\我的网站目录。你会得到一个令人困惑的认证/授权错误。
- 如果你想使用显式配置匿名帐户,它可能是最好的复制%USERPROFILE%\\文件以外的IIS前preSS站点目录,因为与其他用户共享用户配置文件里面的文件是不是一个好主意,从安全的角度来看。
- the crypto context is not setup for the IIS Express (unless IIS happens to be also installed on the machine), so encrypted settings will not work
- you cannot make the above setting programatically because programmatic setting will try to set password encrypted and will fail.
- configured user will not have access to the "%userprofile%\documents\My web sites" directory. You will get a confusing authentication/authorization error.
- If you want to use explicitly configured anonymous account, it may be the best to copy your IIS Express site directory outside the "%userprofile%\documents" since sharing the files inside your user profile with other users is not a good idea from the security standpoint.
这篇关于IIS防爆preSS - 模仿Windows帐户的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
