IIS removes the Authorization header from HTTP requests when the request comes from outside the LAN

Time: 2022-06-01 12:56:36

I have IIS 7.5 on Windows Server 2008 R2. It has the Basic, Anonymous and Windows Authentication modes enabled. I have hosted a RESTful WCF service in it.

I make an HTTP request with an Authorization header from my client within the LAN/VPN, and all goes well. On the service side I could see that the OperationContext.Current.IncomingMessageHeaders contains the Authorization header with the right value.

When I attempt to do the same from outside the LAN/VPN (I used a different Internet connection and also a public proxy), the OperationContext.Current.IncomingMessageHeaders seems to be missing the Authorization header.

I am unsure as to what exactly removes the header. I suspect a misconfigured IIS. Any clues?

1 solution

#1


0  

If you want your service to always do Windows authentication, as the question seems to suggest, remove/disable all other auth modes in IIS. Requests from the LAN are probably passing because the people requesting it are from the same domain; on the internet (putting this simply) it will go for the least required auth mode, which in this case would be anonymous.

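As an added example (not part of the original answer and not IIS's own tooling), this Python check reads an IIS configuration file and reports any scope where Anonymous authentication is enabled together with other modes, which is the setup described in the question. The XML samples and the site path `Default Web Site/MyService` are constructed for illustration; only explicit `enabled` attributes are read, so inherited values are not resolved.

```python
import xml.etree.ElementTree as ET

AUTH_PATH = "system.webServer/security/authentication"

# Constructed sample modelled on the question: all three modes enabled.
# "Default Web Site/MyService" is a hypothetical site path.
MIXED = """<configuration>
  <location path="Default Web Site/MyService">
    <system.webServer><security><authentication>
      <anonymousAuthentication enabled="true" />
      <basicAuthentication enabled="true" />
      <windowsAuthentication enabled="true" />
    </authentication></security></system.webServer>
  </location>
</configuration>"""

# Constructed sample after following the answer: Windows authentication only.
WINDOWS_ONLY = MIXED.replace(
    '<anonymousAuthentication enabled="true"', '<anonymousAuthentication enabled="false"'
).replace('<basicAuthentication enabled="true"', '<basicAuthentication enabled="false"')


def enabled_auth_modes(config_xml):
    """Return {location path: set of auth elements with enabled="true"}."""
    root = ET.fromstring(config_xml)
    # The root is checked too, for settings that sit outside any <location>.
    scopes = [("", root)] + [(loc.get("path", ""), loc) for loc in root.iter("location")]
    result = {}
    for path, scope in scopes:
        auth = scope.find(AUTH_PATH)
        if auth is not None:
            result[path] = {m.tag for m in auth if m.get("enabled", "").lower() == "true"}
    return result


def findings(config_xml):
    """Return (path, other enabled modes) where anonymous is also enabled."""
    # With anonymous enabled, IIS sends no 401 challenge unless the resource
    # denies the anonymous user, so the other modes may never be exercised.
    out = []
    for path, modes in sorted(enabled_auth_modes(config_xml).items()):
        others = sorted(modes - {"anonymousAuthentication"})
        if "anonymousAuthentication" in modes and others:
            out.append((path, others))
    return out
```

`findings(MIXED)` reports the mixed scope, while `findings(WINDOWS_ONLY)` returns an empty list.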