ASP.NET 成员身份 - 哪个用户经过身份验证，哪个用户被模拟？

发布于 2024-07-20 07:22:24 字数 1202 浏览 1 评论 0原文

我在尝试了解 ActiveDirectory 和 ASP.NET 成员资格如何工作时有点困惑...我创建了一个新的 MVC 项目并删除了 AccountController / Views。我更改了 Web.Config，以便它使用 ActiveDirectory 并根据当前的 Windows 登录自动对用户进行身份验证：

Web.Config

<authentication mode="Windows">
    <forms
    name=".ADAuthCookie"
    timeout="10" />
</authentication>

<membership defaultProvider="MyADMembershipProvider">
  <providers>
    <clear/>
      <add
         name="MyADMembershipProvider"
         type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
         connectionStringName="ADConnectionString"
         connectionUsername="MYDOMAIN\myuser"
         connectionPassword="xxx"
         />
  </providers>                 
</membership>

这很好用，因为我可以执行以下操作来获取用户用户名，例如this：

User.Idenity.Name()  'Gives MYDOMAIN\myuser

看看下面的内容，实际上让我很困惑：

Threading.Thread.CurrentPrincipal.Identity.Name() 'Gives MYDOMAIN\myuser

1。线程标识不应该是 IUSR_WORKSTATION 或 ASPNET_WP 用户名吗？
2. 身份验证和模拟有什么区别？

原文

i'm a little confused while trying to find out how ActiveDirectory and ASP.NET Membership work... I've created a new MVC project and removed the AccountController / Views. I've changed the Web.Config so that it uses ActiveDirectory and automatically authenticates users based on their current Windows login:

Web.Config

<authentication mode="Windows">
    <forms
    name=".ADAuthCookie"
    timeout="10" />
</authentication>

<membership defaultProvider="MyADMembershipProvider">
  <providers>
    <clear/>
      <add
         name="MyADMembershipProvider"
         type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
         connectionStringName="ADConnectionString"
         connectionUsername="MYDOMAIN\myuser"
         connectionPassword="xxx"
         />
  </providers>                 
</membership>

This works nicely, as I can do the following to get the users username like this:

User.Idenity.Name()  'Gives MYDOMAIN\myuser

Looking at the following, actually makes me confused:

Threading.Thread.CurrentPrincipal.Identity.Name() 'Gives MYDOMAIN\myuser

1. Shouldn't the thread identity be IUSR_WORKSTATION or ASPNET_WP username?
2. What's the difference between Authentication and Impersonation?

分享到QQ

分享到微博