几件事:

1. 禁用匿名身份验证时，会弹出一个对话框，因为浏览器可能不信任该站点.您需要打开Internet选项(从Windows控制面板)->安全"选项卡->单击受信任的站点"->单击站点"，然后将URL添加到您的站点中. IE和Chrome都使用这些设置来决定是否自动发送您的凭据.

1. When you disable anonymous authentication, you get a popup because the browser likely doesn't trust the site. You need to open Internet Options (from the Windows Control Panel) -> Security tab -> Click 'Trusted Sites' -> Click 'Sites' and add the URL to your site there. Both IE and Chrome use those settings for deciding whether to automatically send your credentials.

当您同时启用了 和Windows身份验证时，除非您告诉用户必须登录，否则匿名将具有优先权.为此，请使用[Authorize]可以是控制器上的属性，也可以是单个动作上的属性.

When you have both anonymous and Windows authentication enabled, anonymous takes precedence except in place where you tell it that the user must be logged in. To do that, use the [Authorize] attribute either on a controller, or just on individual actions.

此处允许匿名访问"下的更多详细信息: https://docs.microsoft.com/zh-cn/aspnet/core/security/authentication/windowsauth?view=aspnetcore-2.0& tabs = aspnetcore2x#allow-anonymous-access

More details here, under the heading "Allow Anonymous Access": https://docs.microsoft.com/en-us/aspnet/core/security/authentication/windowsauth?view=aspnetcore-2.0&tabs=aspnetcore2x#allow-anonymous-access