将 Forms 身份验证与 Windows 身份验证混合使用 [英] Mixing Forms authentication with Windows authentication
问题描述
我有一个 (ASP.NET 3.5) Intranet 应用程序,它被设计为使用表单身份验证(以及默认的 aspnet 会员系统).我还将有关用户的其他信息存储在另一个表中,该表与 aspnet_users 表共享其主键.
I have an (ASP.NET 3.5) intranet application which has been designed to use forms authentication (along with the default aspnet membership system). I also store additional information about users in another table which shares its primary key with the aspnet_users table.
对于属于我们域的用户,我将他们的域帐户名存储在辅助用户表中,并且我想自动登录其域帐户名与存储在表中的名称匹配的用户.
For users who are part of our domain I store their domain account name in the secondary users table, and I want to automatically log in users whose domain account name matches a name stored in the table.
我已阅读可用的指南 - 它们都来自两年或更长时间,并假设您能够在允许您提取域帐户名称的单独登录页面上激活 Windows 身份验证.不过,据我所知,这在 IIS7 中是不可能的(整体身份验证方法适用于所有页面,不能有选择地停用,两种身份验证方法不能应用于同一页面).
I have read the guides which are available - they're all from two years ago or more and assume that you are able to activate Windows Authentication on a separate login page that allows you to extract the domain account name. From what I can tell, though, this is not possible in IIS7 (the overall authentication method is applied on all pages and cannot be selectively deactivated, and both authentication methods can't be applied on the same page).
有没有办法让 IIS 通过请求用户的 windows 域帐户名?我不需要正确的 AD 身份验证,只需要域名.
Is there a way of getting IIS to pass through the windows domain account name of the requesting user? I don't need proper AD authentication, just the domain name.
推荐答案
其实可以的.@dr_draik 有点晚了,但这突然出现在我的谷歌搜索结果中,所以我想我会分享一些知识.
Actually, you can do it. Bit late for @dr_draik, but this cropped up in a google result for me so I thought I'd share some knowledge.
如果您处于经典模式 - 启用 Windows 和 Forms 身份验证.您会收到无法同时执行这两项操作的警告,但您可以忽略它.然后,您可以探索各种属性,例如代码:
If you're in classic mode - Enable both Windows and Forms auth. You'll get a warning about not being able to do both at once, but you can ignore it. Then, you can spelunk around various properties like Code:
HttpContext.Current.Request.ServerVariables["LOGON_USER"]
然后把用户名从那里捞出来.
and fish the username out of there.
如果您处于集成模式 - 4021905 IIS7 基于挑战和登录重定向的身份验证不能同时使用 导致 IIS 7.0 具有表单身份验证和 Windows 身份验证的两级身份验证,这是一个允许您有选择地更改不同页面的身份验证的模块.
If you're in integrated mode - 4021905 IIS7 Challenge-based and login redirect-based authentication cannot be used simultaneiously leads to IIS 7.0 Two-Level Authentication with Forms Authentication and Windows Authentication which is a module that allows you to selectively change the auth for different pages.
这篇关于将 Forms 身份验证与 Windows 身份验证混合使用的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
