Uploadify（flash文件上传）及集成Windows身份验证 [英] Uploadify (flash file upload) & Integrated Windows Authentication

问题描述

我正在与Uploadify一个问题，我希望有人可以提供帮助。我已经把Uploadify到我的应用程序，都在开发工作正常（使用VS web服务器）。所有工作正常，并检查，直到我在部署应用程式成采用集成Windows身份验证我的测试环境。

I'm running into an issue with Uploadify and I hope someone can help. I have put Uploadify into my app and all works fine in dev (using the VS web server). All worked fine and checked until I deployed the app into my test environment which uses Integrated Windows Authentication.

当我真正去上传文件，浏览器会弹出一个登录提示。在这一点上，即使你在正确的用户名和密码类型，请求似乎没有完成，即使你告诉浏览器记住密码它仍然带来了登录提示。

When I actually go to upload the file, the browser brings up a login prompt. At this point, even if you type in the correct username and password, the request seems not to complete and even if you tell the browser to remember the password it still brings up the login prompt.

在此开始发生，我决定旋转起来小提琴手，看看发生了什么事情。但细想一下，当过提琴手运行不会出现问题。

When this started to occur, I decided to spin up Fiddler and see what was going on. But guess what, when ever Fiddler is running the issue doesn't occur.

不幸的是我不能运行提琴手一个reuqierment运行的应用程序。因此，没有任何人有任何想法。我知道有一些问题Uploadify /闪存使用窗体身份验证，但我没想到他们跨运到集成Windows身份验证时。

Unfortunately I can't make running Fiddler a reuqierment for running the app. Hence does anyone have any ideas. I know there are some issues with Uploadify/flash when using forms authentication but I didn't think they carried across to Integrated Windows Authentication.

推荐答案

我看到这个页面，我几乎放弃了后来我碰到这个的在PluralSight从克雷格文章。这给了我从ASP.Net返回401，而不是IIS这就是为什么匿名身份验证在IIS中启用的想法。

I saw this page and I almost gave up but then I ran across this article from Craig at PluralSight. Which gave me the idea of returning a 401 from ASP.Net instead of IIS which is why anonymous authentication is enabled in IIS.

下面是解决该问题的步骤。

Here are the steps to workaround the issue.

第1步：启用匿名身份验证和Windows身份验证在IIS

Step 1: Enable Anonymous Authentication and Windows Auth in IIS.

第2步：添加此code你的Global.asax.cs结果
信用卡/感谢： Uploadify在ASP.NET MVC 结果（会话和验证）
注意：在我的版本只有POST请求使用特殊的逻辑，因为我只希望这code为uploadify工作。换句话说，我删除code GET请求。看看，如果你想支持GET上面的链接。

Step 2: Add this code to your Global.asax.cs
Credit/Thanks to: Uploadify (Session and authentication) with ASP.NET MVC
Note: In my version only POST requests use the special logic since I only want this code to work for uploadify. In other words I delete the code for GET requests. Take a look at the link above if you want to support GET.

protected void Application_BeginRequest(object sender, EventArgs e)
{
    /* we guess at this point session is not already retrieved by application so we recreate cookie with the session id... */
    try
    {
        string session_param_name = "ASPSESSID";
        string session_cookie_name = "ASP.NET_SessionId";

        if (HttpContext.Current.Request.Form[session_param_name] != null)
        {
            UpdateCookie(session_cookie_name, HttpContext.Current.Request.Form[session_param_name]);
        }

    }
    catch
    {
    }

    try
    {
        string auth_param_name = "AUTHID";
        string auth_cookie_name = FormsAuthentication.FormsCookieName;

        if (HttpContext.Current.Request.Form[auth_param_name] != null)
        {
            UpdateCookie(auth_cookie_name, HttpContext.Current.Request.Form[auth_param_name]);
            return; // this is an uploadify request....get out of here.
        }

    }
    catch
    {
    }

    // handle the windows authentication while keeping anonymous turned on in IIS.
    // see: http://stackoverflow.com/questions/2549914/uploadify-flash-file-upload-integrated-windows-authentication

    if (Request.ServerVariables["LOGON_USER"].Length == 0) // They haven't provided credentials yet
    {
        Response.StatusCode = 401;
        Response.StatusDescription = "Unauthorized";
        Response.End();
        return;
    }

    FormsAuthentication.SetAuthCookie(Request.ServerVariables["LOGON_USER"], true); 

}

private void UpdateCookie(string cookie_name, string cookie_value)
{
    HttpCookie cookie = HttpContext.Current.Request.Cookies.Get(cookie_name);
    if (null == cookie)
    {
        cookie = new HttpCookie(cookie_name);
    }
    cookie.Value = cookie_value;
    HttpContext.Current.Request.Cookies.Set(cookie);
} 

第3步：更新的JavaScript调用uploadify包括表单的身份验证密钥，会话密钥

Step 3: Update the javascript invoking uploadify to include the form's auth key and session key.

<script> 
    var auth = "<% = Request.Cookies[FormsAuthentication.FormsCookieName]==null ? string.Empty : Request.Cookies[FormsAuthentication.FormsCookieName].Value %>"; 
    var ASPSESSID = "<%= Session.SessionID %>"; 

    $("#uploadifyLogo").uploadify({ 
        ... 
        scriptData: { ASPSESSID: ASPSESSID, AUTHID: auth } 
    }); 

第4步：更新你的web.config

Step 4: Update your web.config

  <system.web>
    ...
    <authentication mode="Forms">
      <forms defaultUrl="/" />
    </authentication>
    ...

这篇关于Uploadify（flash文件上传）及集成Windows身份验证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！