使用Windows身份验证在IIS 7.5上为ASHX处理程序启用PUT [英] Enabling PUT on IIS 7.5 for an ASHX handler using Windows Authentication
问题描述
我有一个ASP.NET(.NET 4)网站,它使用http PUT作为.ashx通用处理程序。 PUT调用源自Silverlight前端。所有在我的本地计算机(Cassini Web服务器)上的VS 2010中工作。
I have an ASP.NET (.NET 4) website that uses http PUT for an .ashx generic handler. The PUT call originates from a Silverlight front end. All works in VS 2010 on my local machine (Cassini web server).
然后我部署到IIS7.5 Win Server 2008 R2框。
Then I deployed to an IIS7.5 Win Server 2008 R2 box.
silverlight / website很好,但是对.ashx处理程序的PUT调用会遇到Windows登录提示。
这是本地Intranet所以Windows身份验证(使用NTLM和协商提供程序)是唯一启用的身份验证。
The silverlight/website is fine, but PUT calls to the .ashx handler are met with a Windows Login Prompt.
This is a local intranet so Windows Authentication (with NTLM & Negotiate providers) is the only enabled authentication.
我已经按照他的建议,我现在可以通过我的.ashx处理程序进行PUT调用。问题是只有Web服务器的Administrators组中的人才能执行此操作。没人能。他们遇到了Windows登录提示。
I've followed his suggestion and I can now make PUT calls via my .ashx handler. Problem is only folks in the Administrators Group of the web server can do this. No one else can. They are met with the windows login prompt.
知道这可能是什么吗?
我不能为公司中的每个人提供网络服务器的管理员权限。毫无疑问,他们会切断我的一只手,在我面前吃手,然后告诉我门。
I can't give Everyone in the company Admin privileges on the webserver. They would no doubt cut off one of my hands, eat said hand in front of me, and then show me the door.
推荐答案
好吧我明白了。
以下是IIS 7.5中的关键配置元素:
Here are the key configuration elements in IIS 7.5:
- 在Windows身份验证下/提供商 - NTLM必须在谈判之上
- 域用户需要对包含ashx处理程序的目录的写访问权
-
URL授权未在Web服务器上启用角色。我添加了它,然后将其粘贴在system.webServer下的web.config中:
- Under Windows Authentication / Providers - NTLM had to be on top of Negotiate
- Domain Users needed write access to the directory containing the ashx handler
URL Authorization was not enabled as a role on the web server. I added it and then stuck this in the web.config under system.webServer:
<security>
<authorization>
<remove users="*" roles="" verbs="" />
<add accessType="Allow" users="*" verbs="GET,HEAD,POST,PUT,DELETE,DEBUG" />
</authorization>
</security>
(我会稍微减少一点,但现在它有效)
(I'll trim that down a bit, but for now it works)
我的整个system.webServer元素如下:
My entire system.webServer element is as follows:
<system.webServer>
<modules>
<remove name="WebDAVModule" />
</modules>
<defaultDocument>
<files>
<clear />
<add value="default.aspx" />
</files>
</defaultDocument>
<handlers accessPolicy="Read, Write, Execute, Script">
<remove name="WebDAV" />
<remove name="SimpleHandlerFactory-Integrated-4.0" />
<remove name="SimpleHandlerFactory-Integrated" />
<add name="SimpleHandlerFactory-Integrated" path="*.ashx" verb="GET,HEAD,POST,DEBUG,PUT" type="System.Web.UI.SimpleHandlerFactory" resourceType="Unspecified" requireAccess="Write" preCondition="integratedMode" />
<add name="SimpleHandlerFactory-Integrated-4.0" path="*.ashx" verb="GET,HEAD,POST,DEBUG,PUT" type="System.Web.UI.SimpleHandlerFactory" resourceType="Unspecified" requireAccess="Write" preCondition="integratedMode,runtimeVersionv4.0" />
</handlers>
<security>
<authorization>
<remove users="*" roles="" verbs="" />
<add accessType="Allow" users="*" verbs="GET,HEAD,POST,PUT,DELETE,DEBUG" />
</authorization>
</security>
</system.webServer>
这样做了。
这篇关于使用Windows身份验证在IIS 7.5上为ASHX处理程序启用PUT的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
