使用 Windows 身份验证的 IIS 7.5 和 MVC 3 - 获取静态内容的 401,但从未提示输入凭据
我有一个在带有 IIS 7.5 的 Server 2008 R2 上运行的 MVC 3 站点。我想知道为什么(使用 fiddler)我不断收到静态内容的 401 响应,然后立即收到 302 或 200?这是我需要关心的事情吗?我可以直接在浏览器中导航到给出 401 的内容,并且浏览器会显示它而不提示输入凭据。
如果我对失败的请求进行跟踪,我会得到以下输出:
ModuleName UrlAuthorization
Notification 4
HttpStatus 401
HttpReason Unauthorized
HttpSubStatus 0
ErrorCode 0
ConfigExceptionInfo
Notification AUTHORIZE_REQUEST
ErrorCode The operation completed successfully. (0x0)
我已检查所有目录和文件,并且它们拥有应用程序池用户(域用户)作为拥有完全权限的所有者。
正如我所说,我的网站没有损坏,但我想知道我的设置是否有问题。
提前致谢。
编辑:这是来自 Fiddler 的示例:
I have a MVC 3 site running on Server 2008 R2 with IIS 7.5. I am wondering why, (using fiddler), I keep getting 401 responses on static content followed immediately by either a 302 or a 200? Is this something I need to be concerned about? I can directly navigate in my browser to the content giving a 401, and the browser displays it without prompting for credentials.
If I do a trace on failed requests, I get this as output:
ModuleName UrlAuthorization
Notification 4
HttpStatus 401
HttpReason Unauthorized
HttpSubStatus 0
ErrorCode 0
ConfigExceptionInfo
Notification AUTHORIZE_REQUEST
ErrorCode The operation completed successfully. (0x0)
I have checked all the directories, and files and they have the application pool user, (domain user), as owner with full permissions.
As I said, my site is not broken, but I am wondering if I have an issue with my set up.
Thanks in advance.
EDIT: Here is a sample from Fiddler:
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
好吧...我用一种奇怪的方式解决了这个问题。在 IIS 7.5 中,您可以设置访问文件系统的物理路径时要使用的凭据。默认情况下,它似乎使用“传递”选项……不知怎的,即使 IUSR 有权访问文件系统,这似乎也不起作用。我创建了一个基本用户帐户,授予他们在文件系统上读取的权限,然后在 IIS 下 ->我的网站 [右键] -> “管理网站”-> “高级设置”并更新了物理路径凭据。
奇怪的是,同一服务器上的 Orchard、sharepoint、tfs 和 SSRS 网站没有这个问题......只是我的 MVC3 应用程序从 wwwroot 运行。
Alright ... I resolved this in an odd way. In IIS 7.5 you can set the credentials to use when accessing the physical path for the file system. It appears by default it uses a "pass through" option ... somehow this appears to not work even when IUSR has access on the file system. I made a basic user account, granted them read on the file system, and then under IIS -> my website [Right Click] -> "Manage Website" -> "Advanced Settings" and updated the Physical Path Credentials.
Oddly, Orchard, sharepoint, tfs, and SSRS websites on the same server didn't have this issue ... just my MVC3 app running from wwwroot.
将一个简单的 MVC3 应用程序部署到 IIS 7.5 / Windows 2008R2 中的默认 Web 路径,该应用程序在 Vis2k10 的 Web 服务器中正常工作。即使我在特定模块上使用了[authorize],但在未经身份验证的情况下访问该站点,保留了global.asax.cs中的默认代码,并且确实没有进行太多修改。任何建议将不胜感激。
尝试仅启用匿名以及匿名加表单身份验证,但没有运气。
添加到 web.config 但未成功:
尝试更新模块但未成功:
已验证 IIS 权限是否有权访问文件系统。一旦登录,系统就会像冠军一样工作。
Deployed a simple MVC3 app to the default web path in IIS 7.5 / Windows 2008R2 that works correctly within Vis2k10's web server. Accessing the site unauthenticated, even though I am using the [authorize] on specific modules, retained the default code in global.asax.cs, and really haven't modified much. Any suggestions would be appreciated.
Tried enabling only Anonymous as well as Anonymous plus Forms authentication without luck.
Added to web.config without success:
Tried updating modules without success:
Verified IIS permissions with access to the file system. Once logged in, system works like a champ.
您的内容文件夹中是否有 web.config,或者您的根 web.config 中的内容文件夹或其上方的任何应用程序中是否有任何身份验证规则设置,这可能会导致 Web 配置继承成为问题?
Do you have a web.config in your content folder by any chance or any auth rules setup for the content folder in your root web.config or in any application above it that could cause web config inheritance to be an issue?