IIS 7.0中的模拟 [英] Impersonation in IIS 7.0
问题描述
我有一个在IIS 6.0下正常运行的网站:它使用Windows凭据对用户进行身份验证,然后在与访问数据库的服务进行通信时,它会传递凭据。
I have a website that works correctly under IIS 6.0: It authenticates users with windows credentials, and then when talking to the service that hits the DB, it passes the credentials.
在IIS 7.0中,相同的配置设置不会传递凭据,并且数据库会被NT AUTHORITY \ ANONYMOUS命中。
In IIS 7.0, the same config settings do not pass the credentials, and the DB gets hit with NT AUTHORITY\ANONYMOUS.
我有什么东西吗?失踪?我已经在我的IIS 7.0网站中关闭了ANONYMOUS访问权限,但是我无法使用它。
Is there something I'm missing? I've turned ANONYMOUS access off in my IIS 7.0 website, but I can't get the thing to work.
这些是我在两者上使用的设置IIS 6.0和7.0:
These are the settings that I'm using on both IIS 6.0 and 7.0:
<authentication mode="Windows">
<identity impersonate="true">
6.0从7.0变为7.0?
What changed from 6.0 to 7.0?
推荐答案
IIS7和IIS6.0之间发生了变化。我找到了一篇可能真正帮助你的博客文章(点击此处查看)。
There has been changes between IIS7 and IIS6.0. I found for you one blog post that might actually help you (click here to see it).
您是否在集成模式下运行应用程序还是在经典模式?从我看到的,将Impersonate属性设置为true应显示500错误,并显示以下错误消息:
Are you running your application in Integrated Mode or in Classic Mode? From what I saw, putting the Impersonate attribute at true should display you a 500 error with the following error message:
内部服务器错误。这是HTTP
错误500.19:无法访问请求的页面
,因为页面的相关
配置数据是
无效。
Internal Server Error. This is HTTP Error 500.19: The requested page cannot be accessed because the related configuration data for the page is invalid.
以下是建议的解决方法:
Here is the workaround that is proposed:
解决方法:
Workaround:
1)如果您的应用程序不依赖于
在BeginRequest和
AuthenticateRequest阶段模拟请求用户
(模仿的唯一
阶段)在集成模式下可能不是
),通过将以下内容添加到
你的应用程序的web.config来忽略
这个错误:
1) If your application does not rely on impersonating the requesting user in the BeginRequest and AuthenticateRequest stages (the only stages where impersonation is not possible in Integrated mode), ignore this error by adding the following to your application’s web.config:
<validation validateIntegratedModeConfiguration="false"
/ >
2)如果您的应用程序确实依赖于
模拟BeginRequest和
AuthenticateRequest,或者你不是
肯定,转到经典模式。
2) If your application does rely on impersonation in BeginRequest and AuthenticateRequest, or you are not sure, move to classic mode.
我希望这对了解IIS 7.0现在的工作方式很有用。
I hoped that was useful to understand how IIS 7.0 now works.
这篇关于IIS 7.0中的模拟的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
