问题描述
这是一个奇怪的。当我到了这一点,他们总是有。
This is a strange one. They always are when I get to this point.
我有一个MVC应用程序。这是一个单页面应用程序,以便所有路由都Ajax调用,但我不认为这是相关的。
I have an MVC app. It's a single page app so all routes are ajax calls but I don't think this is relevant.
奇怪,突然间一个特定页面已经开始给我一个401和提示creds。实际上,它是在这个MVC区两页。它只是做它在QA没有本地,所以我不能调试。它只去年推后启动。其它页面的都不是这样做的。
Strangely and all of a sudden one particular page has started giving me a 401 and prompting for creds. Actually it's both pages that are in this MVC Area. It is only doing it in qa no locally so I can't debug. And It only started after last push. None of the other pages are doing this.
所以,我比较了一个成功的页面,并通过小提琴手头401页的网站上。
完全刻着相同的,除了网址。
行动
So I compared the headers via fiddler for a successful page and the 401 page on the site.exactly the freakin same except the url.the actions
401的动作
public ActionResult Display_Template(ViewModel input)
{
return this.View("Display", new TasksByFieldViewModel());
}
为200
public ActionResult AddUpdate_Template(ViewModel input)
{
return View("VendorAddUpdate", new VendorViewModel());
}
唯一的变化是这一点,这是没有意义的。
The only changes are this and this makes no sense.
从401页,我重定向到上有一个一个的ReportViewer的aspx页面。但是你必须点击一个按钮,然后你超过window.locationed。它不可能有什么关系的。
From the 401 page, I redirect to an aspx page that has a reportviewer on it. But you have to click a button and then you are window.locationed on over. It can't possibly have anything to do with that.
二是,我从SQLSERVER审判升级到SQLSERVER质量保证服务器的标准配置。
The second is that I upgraded from sqlserver trial to sqlserver standard on the qa server.
这就是我的一切。完全糊涂。
That's all I got. completely befuddled.
任何想法将是巨大的。
谢谢,
RAIF
编辑\\修复\\哈克
确定好这要么是混淆或激怒。它的结论还为时过早。
Ok well this is either confusing or enraging. It's too early to tell.
我的MVC区,即打破,那么它被命名为报告,因为,嗯,这是充满了报告之一。做一些万福玛利亚测试后,我改变了区名Reportsx,现在它就像一个梦。正如我当然从来没有告诉堆栈要求凭据区域名称是报告我只能假设有一些IIS设置或设置MVC,说如果URL是XXX /报表然后要求creds的任何部分。
My MVC Area, the one that is breaking, well it was named "Reports" because, well it was full of reports. After doing some hail mary tests I changed the Area name to Reportsx, now it works like a dream. As I certainly never told any part of the stack to demand credentials if the Area name is Reports I can only assume that there is some IIS setting or MVC setting that says if the url is xxx/Reports then demand creds.
我接受不同的观点。
推荐答案
如果系统在不管你的工作是一个类似于我在哪里工作,那么当你说在QA你的意思是你把你的code对于测试人员在捅的服务器上。现在,当我第一次开始在这里,我被告知要离开某些现有的配置文件,我发现他们在此服务器上,因为更改将介绍的东西都是我机器上,打破常规。我猜你也有类似的政策,因此,部署了新的一页,以一台服务器,但独自离开该服务器的Web.config。但在Web.config中,有看起来像这样段的整个列表:
If the system at wherever you work is similar to the one where I work, then when you say "in QA" you mean you've put your code on a server for the testers to poke at. Now, when I first started here, I was told to leave certain existing config files as I found them on this server, because changes will introduce things that are specific to my machine and break things. I'm guessing you have a similar policy, and have therefore deployed your new page to a server, but left that server's Web.config alone. However, in Web.config, there's a whole list of sections that look something like this:
<location path="something">
<formsAuthenticationWrapper enabled="false"/>
<system.webServer>
<security>
<authentication>
<windowsAuthentication enabled="true"/>
<anonymousAuthentication enabled="false"/>
</authentication>
</security>
</system.webServer>
<system.web>
<authorization>
<allow users="?"/>
</authorization>
</system.web>
</location>
其中东西如在第一线的路径值可以像资产/ CSS或像的Login.aspx页面的路径。你会注意到,有一个为身份验证模式的各种设置。
where the "something" as the path value in the first line can be a path like "Assets/CSS" or a page like "Login.aspx". You'll notice that there's various settings for auth modes.
现在,如果QA服务器上的Web.config提到所谓的报告,并指定它需要一个特定的身份验证模式,则未能提供合适的凭据,该模式将导致401更改名称为 Reportsx可能只是意味着它不再能找到匹配的条目,所以回落到一个默认的模式,这显然让人们
Now, if the Web.config on the QA server mentions something called "Reports" and specifies that it requires a particular auth mode, then failure to provide suitable credentials for that mode will result in a 401. Changing the name to "Reportsx" probably just meant that it can no longer find a matching entry, and so fell back to a default mode, which apparently lets people in.
所以,尽量检查服务器的Web.config对部分提到东西/报告,看看AUTH他们需要。
So, try checking the server's Web.config for sections mentioning "something/Reports" and see what auth they require.
这篇关于MVC操作会返回401错误的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!