anonymousAuthentication

anonymousAuthentication

本文介绍了IIS防爆preSS - 模仿Windows帐户的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我使用的是IIS防爆preSS主办我的网站,我愿做类似目录安全性的东西在IIS 6在IIS 6中,我能够进入目录安全性选项卡,并允许匿名用户是本地Windows帐户。

I'm using IIS Express to host my website, and I would like to do something similar to Directory Security in IIS 6. In IIS 6, I was able to go to the Directory Security tab and allow the anonymous user to be a local windows account.

有没有的东西相当于在IIS防爆preSS?我需要什么样的变化对ApplicationHost.config做?

Is there something equivalent in IIS Express for that? What changes do I need to make in applicationhost.config?

感谢

推荐答案

IIS防爆preSS进程下的登录用户运行。使用默认设置,匿名请求将根据该方法的身份执行。
还有就是要明确的配置为用户匿名认证,在anonymousAuthentication部分编辑对ApplicationHost.config(在%USERPROFILE%\\文件\\ iisEx preSS \\设置\\),并设置您的匿名用户名和密码的方式
< anonymousAuthentication启用=真的userName =富密码=酒吧>

IIS Express process runs under the logged on user. With default settings, anonymous requests will execute under the identity of the process.There is a way to configure explicit user for anonymous authentication, by editing applicationhost.config (in "%userprofile%\documents\iisExpress\config\") and setting your anonymous user and password in anonymousAuthentication section<anonymousAuthentication enabled="true" userName="foo" password="bar" >

注:


  • 加密上下文不是设置为IIS防爆preSS(除非IIS正好也是安装在机器上),这样加密的设置将无法正常工作

  • 你不能让上面的设置编程的程序,因为设置将尝试设置加密密码,将失败。

  • 配置的用户将无法访问%USERPROFILE%\\ Documents \\我的网站目录。你会得到一个令人困惑的认证/授权错误。

  • 如果你想使用显式配置匿名帐户,它可能是最好的复制%USERPROFILE%\\文件以外的IIS前preSS站点目录,因为与其他用户共享用户配置文件里面的文件是不是一个好主意,从安全的角度来看。

  • the crypto context is not setup for the IIS Express (unless IIS happens to be also installed on the machine), so encrypted settings will not work
  • you cannot make the above setting programatically because programmatic setting will try to set password encrypted and will fail.
  • configured user will not have access to the "%userprofile%\documents\My web sites" directory. You will get a confusing authentication/authorization error.
  • If you want to use explicitly configured anonymous account, it may be the best to copy your IIS Express site directory outside the "%userprofile%\documents" since sharing the files inside your user profile with other users is not a good idea from the security standpoint.

这篇关于IIS防爆preSS - 模仿Windows帐户的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

08-23 04:23