通过 Intranet Web 应用程序从用户计算机登录 Windows,无需提示输入用户名/密码
我正在 IE 商店中创建一个 Intranet Web 应用程序,并且希望检索用户登录的计算机用户名,而不提示输入用户名/密码组合。这很容易,直到应用程序被放置在网络服务器上。似乎从这里开始我尝试的每个组合都会导致空字符串或提示输入登录信息。
我已经定义:
<authentication mode="Windows"/>
<identity impersonate="true"/>
并且我正在尝试这些选项:
Response.Write("HttpContext: " & HttpContext.Current.User.Identity.Name & " \n")
Response.Write("Windows Identity: " & WindowsIdentity.GetCurrent.Name & " \n")
Response.Write("Thread: " & Thread.CurrentPrincipal.Identity.Name & " \n")
Response.Write(Request.ServerVariables("LOGON_USER"))
Response.Write(User.Identity.Name)
这些选项与 IIS 设置的任何组合似乎都不适合我。我采取了错误的方法吗?这可能吗?我该如何解决这个问题?
每当我将 IIS 切换为使用 Windows 集成身份验证时,它都会提示我输入用户名/密码。这是为什么呢?我怎样才能阻止它?
我想要的一个例子(如果不清楚)是
域名/用户名 或者 家/查理
I'm creating an intranet web-application in an IE shop and I'm looking to retrieve the user's logged-in computer username without prompting for a username/password combination. This is easy, until the application is placed on a webserver. It seems that every combination I try from here on in results in either a null string or prompting for login information.
I have defined:
<authentication mode="Windows"/>
<identity impersonate="true"/>
And I'm trying these options:
Response.Write("HttpContext: " & HttpContext.Current.User.Identity.Name & " \n")
Response.Write("Windows Identity: " & WindowsIdentity.GetCurrent.Name & " \n")
Response.Write("Thread: " & Thread.CurrentPrincipal.Identity.Name & " \n")
Response.Write(Request.ServerVariables("LOGON_USER"))
Response.Write(User.Identity.Name)
None of these with any combination of IIS settings seems to be working for me. Have I taken the wrong approach? Is this possible? How can I solve this?
Whenever I switch my IIS to use Windows Integrated Authentication, it prompts me for a username/password. Why is this? How can I stop it?
An example of what I want (if it's not clear), is
DOMAINNAME/USERNAME
or
HOME/CHARLIE
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(5)
确保托管您的应用程序的服务器位于 IE 安全设置下的 Intranet 区域中;默认情况下,IE 不会自动将 Windows 身份验证凭据发送到其他区域中的站点。您可能还需要将站点的主机名添加到受信任的站点区域。
如果您的网站类似于 Intranet.mydomain.com,并且您的用户正在针对 mydomain.com 的 Active Directory 服务器进行身份验证,则这将自动发生;否则,您需要修改 IE 的设置,或将您的应用程序托管在属于您的 Active Directory 域成员的服务器上。
Make sure that the server(s) that host your application are in the Intranet zone under IE's security settings; by default, IE doesn't automatically send Windows authentication credentials to sites in other zones. You may also need to add your site's hostname(s) to the Trusted sites zone.
If your website is something like intranet.mydomain.com and your users are authenticating against an Active Directory server for mydomain.com, this will happen automatically; otherwise, you'll need to modify IE's settings, or host your app on a server that's a member of your Active Directory domain.
我想您可能想要设置网站以使用 集成 Windows 身份验证。
I think you may want to set up the web site to use Integrated Windows Authentication.
冒充和授权是一头棘手的野兽。就您而言,您至少需要为您的网站使用集成身份验证。
有关详细信息,请参阅MSDN 上有关模拟和委托的文章
Impersonation and delegation is a tricky beast. In your case, you need to use Integrated Authentication for your web site, at the least.
See this article on MSDN about impersonation and delegation for more information
另请确保在 IE 中启用“启用集成 Windows 身份验证”设置。
Also make sure that in IE, the setting "Enable Integrated Windows Authentication" is enabled.
基本上确保您域中的用户 IE 浏览器将在不提示的情况下对用户进行身份验证。这是客户端浏览器设置问题。
Basically make sure the users IE browser in your domain will authenticate the user without prompting them. It is a client browser setting issue.