更新时间:2023-02-06 22:43:30
您是否同时为集成身份验证配置了IIS和该应用程序?
Have you configured both IIS and the app for integrated authentication?
在您的web.config中,通过设置forwardWindowsAuthToken="true"
In your web.config do you have the asp.net core module set to forward Windows Identities, by setting forwardWindowsAuthToken="true"
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.webServer>
<handlers>
<add name="aspNetCore" path="*" verb="*"
modules="AspNetCoreModule" resourceType="Unspecified" />
</handlers>
<aspNetCore processPath="%LAUNCHER_PATH%"
arguments="%LAUNCHER_ARGS%" stdoutLogEnabled="false"
stdoutLogFile=".\logs\stdout" forwardWindowsAuthToken="true" />
</system.webServer>
</configuration>
在您的program.cs中,您是否了解过与.UseIISIntegration()
的IIS集成?
In your program.cs have you plumbed in IIS integration with .UseIISIntegration()
?
var host = new WebHostBuilder()
.UseKestrel()
.UseContentRoot(Directory.GetCurrentDirectory())
.UseIISIntegration()
.UseStartup<Startup>()
.Build();
您是否已在Startup.cs的ConfigureServices()方法中添加了授权并将其放在AddMvc()之前?
Have you added authorization in your ConfigureServices() method in Startup.cs and put it before AddMvc()?
public void ConfigureServices(IServiceCollection services)
{
services.AddAuthorization();
services.AddMvc();
}
当我准备好所有这些内容后,就可以根据角色高兴地进行授权,例如,将[Authorize(Roles = "REDMOND\\scottgu_org_fte")]
放在家庭控制器上,就可以了.
When I have all those things in place I can happily authorize based on roles, for example I put [Authorize(Roles = "REDMOND\\scottgu_org_fte")]
on my home controller and I get in just fine.
使用@"REDMOND\\scottgu_org_fte"
无效,因为这会使字符串文字 verbatim ,因此它正在尝试评估Domain\\group
,并且双斜杠是错误的. @"REDMOND\scottgu_org_fte"
仍然可以.
Using @"REDMOND\\scottgu_org_fte"
won't work, because that makes the string literal verbatim, so it's trying to evaluate Domain\\group
, and double slashes are wrong. @"REDMOND\scottgu_org_fte"
would work though.