网站配置
我(开发人员)和一名用户 (DOMAIN_NAME\USER_NAME) 需要访问一个网站。
当我使用 VS 创建的“自动主机”在 Visual Studio 中开发网站时,web.config 中的以下设置就足够了:
<authentication mode="Windows"/>
<authorization>
<allow users="DOMAIN_NAME\my_name,DOMAIN_NAME\USER_NAME" />
<deny users="*" />
</authorization>
但是当我在 IIS 中创建网站时,我收到错误:
访问被拒绝。
描述:访问服务此请求所需的资源时发生错误。服务器可能未配置为访问所请求的 URL。
错误消息 401.2.:未经授权:由于服务器配置导致登录失败。根据您提供的凭据以及 Web 服务器上启用的身份验证方法,验证您是否有权查看此目录或页面。请联系 Web 服务器的管理员以获得更多帮助。
需要指定 ApplicationPoolIdentity 和网站本身的哪些设置?
多谢!
编辑:
我已将本地 IIS 的应用程序池配置为使用“LocalSystem”身份,网站 - 使用“直通”身份验证,并按照建议禁用“匿名身份验证”,启用“Windows 身份验证” “ - 并且网站在本地变得可行。
但在本地我有 Windows 7 (IIS7),但在“测试”环境(我需要部署网站)上我有 Windows 2008 服务器,它没有启用“Windows 身份验证”的选项...不知道为什么...可能这是针对更高级别的管理员,但我是管理员组的成员...
猜猜,我做错了什么...
请指教。
One web site is required to be accessed by me (developer) and one user (DOMAIN_NAME\USER_NAME).
When I developed web site in visual studio using "automatic host" created by VS, the following settings in web.config were enough:
<authentication mode="Windows"/>
<authorization>
<allow users="DOMAIN_NAME\my_name,DOMAIN_NAME\USER_NAME" />
<deny users="*" />
</authorization>
But when I created web site in IIS I'm receiving error:
Access is denied.
Description: An error occurred while accessing the resources required to serve this request. The server may not be configured for access to the requested URL.
Error message 401.2.: Unauthorized: Logon failed due to server configuration. Verify that you have permission to view this directory or page based on the credentials you supplied and the authentication methods enabled on the Web server. Contact the Web server's administrator for additional assistance.
What setting for ApplicationPoolIdentity and web site itself are required to be specified?
Thanks a lot!
EDIT:
I've configured Application Pool of local IIS to use 'LocalSystem' identity, web site - to use "pass-through" authentication, and as suggested disabled "Anonymous Authentication", enabled "Windows Authentication" - and web site locally became workable.
But locally I have windows 7 (IIS7), but on "TEST" environment (where I need to deploy web site) I have windows 2008 server and it doesn't have option to enable "Windows Authentication"... don't know why... probably that is for higher level of administrator, but I'm a member of Administrators group...
Guess, I'm doing something wrong...
Please advise.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
您的 web.config 设置正确。此外,确保 IIS 站点/应用程序配置为:
IIS7
IIS6
中找到下面的对话框
Your web.config is set up properly. Further, ensure the IIS site/app is configured as:
IIS7
IIS6
Find the dialog below at
也许它会有用:我开始收到 401.2。受保护路径 amd Forms auth 中的 .ASPX 应用程序中出现错误(应用程序中未进行任何更改):
在同一计算机/IIS 上启动其他 MVC 应用程序后。看来 MVC 改变了服务器配置中的某些内容(我相信是路由)。任何在 IIS(计算机/服务器/站点)中使用身份验证的操作都没有帮助。但 Next 有所帮助:我已将 Web 应用程序的应用程序池从 .Net 4.5 更改为 .Net 4.5 Classic。池托管管道模式、集成/经典的区别。
Maybe it can be useful: I started to receive 401.2. error in .ASPX application (no changes in the app made), in protected path amd Forms auth.:
AFTER launching of other MVC applications on same computer/IIS. It seems MVC changed something in server's config (routes, I believe). Any playing with Authentication in IIS (computer/server/site) did not help. But Next helped: I have changed Application pool from .Net 4.5 to .Net 4.5 Classic for the web application. The difference in pool Managed pipeline mode, Integrated/Classic.
如果您使用的是本地 IIS,而不是带有 Windows 身份验证的 IIS Express,请确保已打开并正确配置 IIS ASP.NET 功能。 (请参阅https://stackoverflow.com/a/12867753/888792)
此外,当 Visual Studio 构建和发布您的网站时对于 IIS 虚拟目录,您可能需要在父站点虚拟目录节点级别启用 Windows 身份验证并禁用匿名身份验证:
If you're using your Local IIS instead of IIS Express with Windows Authentication, make sure you have IIS ASP.NET features turned on and configured properly. (See https://stackoverflow.com/a/12867753/888792)
Also, when Visual Studio builds and publishes your website to an IIS Virtual Directory, you may need to Enable Windows Authentication and Disable Anonymous Authentication at the Parent Site Virtual Directory node level: