问题描述
我有一个使用Active Directory授权的Web项目(所有带有AuthorizeAttribute标记的控制器).在web.config中,我具有以下身份验证部分:
I have a web project that uses Active Directory authorization (All controllers marked with AuthorizeAttribute). In web.config i have following authentification section:
<authentication mode="Windows" />
<authorization>
<deny users="?" />
</authorization>
问题是:当我在Visual Studio Development Server下运行项目时,一切正常,它会弹出授权窗口,输入登录名/密码后,我可以看到所有站点内容.
The problem is:When i run project under Visual Studio Development Server everything goes fine, it pops authorization window, after entering login/password i can see all site contents.
但是,当我尝试在IIS(7.5)下运行它时,仍然会弹出授权窗口,但是登录名/密码始终不正确(看起来它无法访问AD).站点配置为使用Windows授权.应用程序池使用Windows登录名/密码运行.我想念什么?
But, when i try to run it under IIS (7.5) authorization window still pops, but login/password is always incorrect (looks like it cannot access AD).Site is configured to use windows authorization. Application pool runs using my windows login/password. What am i missing?
推荐答案
如果您的主机头文件指向127.0.0.1,则可能是身份验证环回检查.
If your host header file is pointing to 127.0.0.1, it may be the authentication loopback check.
如果是这种情况,答案已在的asp.net应用程序上Windows身份验证/模拟失败.简而言之,打开regedit,然后将DWORD DisableLoopbackCheck = 1添加到HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Lsa.
If that is the case, the answer is already detailed at why does windows authentication / impersonation fail on asp.net application with iis 7.5 / windows 7 /. In short, open regedit, and add a DWORD DisableLoopbackCheck = 1 to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa.
这篇关于Active Directory授权:IIS与Visual Studio Dev服务器的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!