I'm developing a web application and I need to mix Forms & Windows authentication together.
我正在开发一个web应用程序,我需要将表单和Windows身份验证结合在一起。
The approach which I selected is this: authentication method on all the web site has to be forms auth. There is a form page (~/home/Login) to login in via forms auth. The magic (and trouble) is that only one page (say ~/Home/WinLogin) has to have auth metod set up to be windows auth. This page is used to read HttpContext.User.Identity.Name to get the windows user name.
我选择的方法是:所有web站点上的身份验证方法必须是form auth。有一个表单页面(~/home/Login)可以通过表单身份登录。魔法(和麻烦)是只有一个页面(比如~/Home/WinLogin)必须设置为windows auth。此页面用于读取HttpContext.User.Identity。获取windows用户名的名称。
What I don't know is how to set up the win auth on iis6 for the one particular route?
我不知道的是如何在iis6上为一条特定路线设置win auth ?
The route looks like ~/Home.ashx/WinLogin. Ok, but what then? I tried to create a directory Home.ashx in the virtual directory and subdirectory WinLogin. But then ~/Home.ashx/Login (with the login form) stopped working.
路线看起来像~/Home.ashx/WinLogin。好吧,然后呢?我尝试创建一个目录主目录。在虚拟目录和子目录WinLogin中的ashx。然后~ /回家。ashx/Login(使用登录表单)停止工作。
Because on iis6 we have to use a ashx handler it seems that there is no other way how to do it instead of creating a ordinary web page ~/WinLogin.aspx that does the work. However I wanted to avoid that and use MVC only.
因为在iis6上,我们必须使用ashx处理程序,所以除了创建一个普通的web页面~/WinLogin之外,似乎没有其他的方法可以做到这一点。做这个工作的aspx。但是我想避免这种情况,只使用MVC。
Just for info how to setup iis7: IIS 7.0 Server-Side blog It's not perfect (Mike Volodarsky had to create custom forms auth module), but it works.
仅仅为了了解如何设置iis7: IIS 7.0服务器端博客,它并不完美(Mike Volodarsky必须创建自定义表单auth模块),但它确实有效。
1 个解决方案
#1
2
You can't selectively set windows auth in IIS6 like you can in IIS7. You could however set the home.ashx to support anonymous and windows auth; replace the HttpContext.User property in the /Login case and use the windows principle in the /WinLogin case. However, you need to be careful that your code path allows for the case where you want them to use forms auth but they're presenting you with a windows principle identity and ignore that.
在IIS6中不能像在IIS7中那样有选择地设置windows auth。然而,你可以设置家。ashx支持匿名和windows auth;取代HttpContext。在/Login情况下使用User属性,在/WinLogin情况下使用windows原则。但是,您需要注意的是,您的代码路径允许您希望它们使用form auth,但是它们向您显示windows的原则标识,并忽略它。
#1
2
You can't selectively set windows auth in IIS6 like you can in IIS7. You could however set the home.ashx to support anonymous and windows auth; replace the HttpContext.User property in the /Login case and use the windows principle in the /WinLogin case. However, you need to be careful that your code path allows for the case where you want them to use forms auth but they're presenting you with a windows principle identity and ignore that.
在IIS6中不能像在IIS7中那样有选择地设置windows auth。然而,你可以设置家。ashx支持匿名和windows auth;取代HttpContext。在/Login情况下使用User属性,在/WinLogin情况下使用windows原则。但是,您需要注意的是,您的代码路径允许您希望它们使用form auth,但是它们向您显示windows的原则标识,并忽略它。