Is there a way to disable IIS default authentication in global.asax or somewhere else depending on passed parameters.
有没有办法在global.asax或其他地方禁用IIS默认身份验证,具体取决于传递的参数。
A client requests the same form would be secured using IIS authentication and by providing authentication information in POST variables
客户端请求相同的表单将使用IIS身份验证和POST变量中的身份验证信息进行保护
2 个解决方案
#1
IIS authentication happens before the request is passed to the ASP.NET egine. Therefore, the answer to your question is "no".
IIS身份验证在请求传递给ASP.NET egine之前发生。因此,你的问题的答案是“不”。
However, by enabling anonymous access on IIS only, you can process any authentication (including Basic etc.) in your application without being "intercepted" by IIS.
但是,通过仅在IIS上启用匿名访问,您可以在应用程序中处理任何身份验证(包括Basic等),而不会被IIS“拦截”。
#2
This is not a complete answer, but may give you direction. If you are using IIS 7, then HttpModules are now native to IIS. That is, you can get an implementation of the IHttpModule interface to be used by IIS, regardless of what type of content is being served.
这不是一个完整的答案,但可能会给你指路。如果您使用的是IIS 7,那么HttpModules现在是IIS的原生。也就是说,无论提供什么类型的内容,您都可以获得IIS使用的IHttpModule接口的实现。
I suspect that you can wire such an HttpModule so that it will notice when IIS is failing a request due to a failure of Windows Authentication. If that is possible, then you might still be able to examine the POST variables and give the request a "second chance".
我怀疑你可以连接这样一个HttpModule,以便当IIS因Windows身份验证失败而导致请求失败时会发现它。如果可能,那么您仍然可以检查POST变量并为请求提供“第二次机会”。
I also wonder if it might be possible with IIS 7 to turn this around - have the main site use anonymous authentication so that your code can check the form POST parameters. If that authentication fails, then redirect to the Windows Authentication site.
我也想知道是否有可能使用IIS 7来解决这个问题 - 让主站点使用匿名身份验证,以便您的代码可以检查表单POST参数。如果该身份验证失败,则重定向到Windows身份验证站点。
#1
IIS authentication happens before the request is passed to the ASP.NET egine. Therefore, the answer to your question is "no".
IIS身份验证在请求传递给ASP.NET egine之前发生。因此,你的问题的答案是“不”。
However, by enabling anonymous access on IIS only, you can process any authentication (including Basic etc.) in your application without being "intercepted" by IIS.
但是,通过仅在IIS上启用匿名访问,您可以在应用程序中处理任何身份验证(包括Basic等),而不会被IIS“拦截”。
#2
This is not a complete answer, but may give you direction. If you are using IIS 7, then HttpModules are now native to IIS. That is, you can get an implementation of the IHttpModule interface to be used by IIS, regardless of what type of content is being served.
这不是一个完整的答案,但可能会给你指路。如果您使用的是IIS 7,那么HttpModules现在是IIS的原生。也就是说,无论提供什么类型的内容,您都可以获得IIS使用的IHttpModule接口的实现。
I suspect that you can wire such an HttpModule so that it will notice when IIS is failing a request due to a failure of Windows Authentication. If that is possible, then you might still be able to examine the POST variables and give the request a "second chance".
我怀疑你可以连接这样一个HttpModule,以便当IIS因Windows身份验证失败而导致请求失败时会发现它。如果可能,那么您仍然可以检查POST变量并为请求提供“第二次机会”。
I also wonder if it might be possible with IIS 7 to turn this around - have the main site use anonymous authentication so that your code can check the form POST parameters. If that authentication fails, then redirect to the Windows Authentication site.
我也想知道是否有可能使用IIS 7来解决这个问题 - 让主站点使用匿名身份验证,以便您的代码可以检查表单POST参数。如果该身份验证失败,则重定向到Windows身份验证站点。