某些用户的 ASP.NET IIS 身份验证问题
我有一个在 IIS6.0 上运行的 ASP.NET 存储库站点,并且有一个无法重现的问题,但其中三个用户每次都会遇到此问题(大约 20 个其他用户运行得很好)。我很确定这与 IIS 身份验证设置有关,但我当然没有排除编码错误。
用户告诉我,出现错误的 3 个用户的共同点是他们已将 60 多个文档上传到网站上。所有用户都位于不同的省份,因此我只有他们拍摄的屏幕截图和用于调试的服务器事件日志。
当尝试访问 ViewPage.aspx 页面(但不是网站上的任何其他页面)时,系统会提示他们输入用户凭据。当他们尝试登录时,他们会再次收到登录提示。他们尝试登录三次后,收到以下错误消息:
HTTP 错误 401.1 - 未经授权:由于凭据无效,访问被拒绝。
系统事件查看器有以下警告(其中任一警告超过 10 条):
事件ID:1011
来源:W3SVC
描述:
为应用程序池“SDAAppPool”提供服务的进程与万维网发布服务发生致命通信错误。进程 ID 为“3264”。数据字段包含错误号。
和
事件ID:1009
来源:W3SVC
描述:
为应用程序池“SDAAppPool”提供服务的进程意外终止。进程 ID 为“2088”。进程退出代码为“0x800703e9”。
安全事件查看器具有以下几种失败审核:
事件ID:560
来源:安全
类别:对象访问
描述:
对象打开:
对象服务器:SC 管理器
对象类型:服务对象
对象名称:WinHttpAutoProxySvc
句柄 ID:-
操作 ID:{0,557880730}
进程 ID:444
映像文件名:C:\WINDOWS\system32\services.exe
主要用户名:EBTOPVNET01$
主域:EBSS
主要登录 ID:(0x0,0x3E7)
客户端用户名:NETWORK SERVICE
客户端域:NT AUTHORITY
客户端登录 ID:(0x0,0x3E4)
访问:查询服务状态
启动服务
从服务中查询信息
特权:-
受限 Sid 计数:0
访问掩码:0x94
应用程序事件查看器有以下错误:
事件ID:5000
来源:.NET 运行时 2.0 错误
用户:不适用
描述:
事件类型 clr20r3、P1 w3wp.exe、P2 6.0.3790.3959、P3 45d691cc、P4 system.data、P5 2.0.0.0、P6 4889ece0、P7 1849、P8 0、P9 system.stackoverflowexception、P10 NIL。
我的 web.config 具有以下身份验证/授权代码:
<authentication mode="Windows"/>
<authorization>
<deny users="?"/>
</authorization>
并且我在 ViewPage.aspx 页面上使用以下用户检查:
UsersService us = new UsersService();
TList<Users> currUser = us.Find("Ntid = '" + User.Identity.Name + "'");
int userID = 0;
if (currUser.Count != 0 )
{
userID = currUser[0];
}
并使用该 userID 来检查访问权限等。如果 userID == 0 他们仅获得读取访问权限(我认为如果 User.Identity.Name 返回空,这会给用户读取访问权限而不是 401 错误)。我在另一个页面上进行了相同的用户检查,并且用户访问它没有问题。
根据我几天在谷歌上搜索各种子问题,我不确定所有这些事实是否相关,但我已经包含了我能想到的所有内容。如果我错过了任何相关的内容,请告诉我。任何有关从哪里开始调查或能够在我的本地主机上重现此问题以便我可以调试的方法的想法将不胜感激。谢谢。
I have an ASP.NET repository site running on IIS6.0 and I have an issue that I can't reproduce, but three of the users have this problem every time (~20 other users run just fine). I'm pretty sure it has something to do with the IIS Authentication setup, but I certainly haven't ruled out a coding mistake.
The users tell me that the common factor between the 3 that get the error is that they have uploaded over 60 documents onto the site. All the users are in a different province so I only have screenshots they've taken and server event logs to debug by.
When attempting to go to the ViewPage.aspx page (but not any other page on the site) they are prompted for their user credentials. When they try to log on, they receive the logon prompt again. After they try to log on three times, they receive the following error message:
HTTP Error 401.1 - Unauthorized: Access is denied due to invalid credentials.
The System Event Viewer has the following warnings (more than 10 of either one of them):
EventID:1011
Source: W3SVC
Description:
A process serving application pool 'SDAAppPool' suffered a fatal communication error with the World Wide Web Publishing Service. The process id was '3264'. The data field contains the error number.
and
EventID:1009
Source: W3SVC
Description:
A process serving application pool 'SDAAppPool' terminated unexpectedly. The process id was '2088'. The process exit code was '0x800703e9'.
The Security Event Viewer has several of the following Failure Audit:
EventID: 560
Source: Security
Category: Object Access
Description:
Object Open:
Object Server: SC Manager
Object Type: SERVICE OBJECT
Object Name: WinHttpAutoProxySvc
Handle ID: -
Operation ID: {0,557880730}
Process ID: 444
Image File Name: C:\WINDOWS\system32\services.exe
Primary User Name: EBTOPVNET01$
Primary Domain: EBSS
Primary Logon ID: (0x0,0x3E7)
Client User Name: NETWORK SERVICE
Client Domain: NT AUTHORITY
Client Logon ID: (0x0,0x3E4)
Accesses: Query status of service
Start the service
Query information from service
Privileges: -
Restricted Sid Count: 0
Access Mask: 0x94
The Application Event Viewer has the following Errors:
EventID: 5000
Source: .NET Runtime 2.0 Error
User: N/A
Description:
EventType clr20r3, P1 w3wp.exe, P2 6.0.3790.3959, P3 45d691cc, P4 system.data, P5 2.0.0.0, P6 4889ece0, P7 1849, P8 0, P9 system.stackoverflowexception, P10 NIL.
My web.config has the following authentication/authorization code:
<authentication mode="Windows"/>
<authorization>
<deny users="?"/>
</authorization>
and I use the following user check on the ViewPage.aspx page:
UsersService us = new UsersService();
TList<Users> currUser = us.Find("Ntid = '" + User.Identity.Name + "'");
int userID = 0;
if (currUser.Count != 0 )
{
userID = currUser[0];
}
and use that userID for checking access and such. If the userID == 0 they get read access only (which I would think would give the users read access instead of 401 errors if User.Identity.Name returned empty). I do the same user check on another page and the users have no problems accessing it.
Based on my few days of googling the various sub-issues I'm not sure if all these facts are relevant, but I've included everything I could think of. If there is anything relevant that I missed let me know. Any ideas on where to start investigating or a way to be able to reproduce this on my localhost so I can debug would be greatly appreciated. Thanks.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
从进程退出代码来看,似乎正在发生某种递归并且永远不会展开。令人惊叹的 Tess Ferrandez 写了一篇很棒的文章,解释了如何调试这样的问题:
From the process exit code it looks like some kind of recursion is taking place and never unwinding. There's a great article by the amazing Tess Ferrandez that explains how to debug such an issue: