Question

在ASP.NET核心2.0中使用http.sys作为Web服务器时，无法同时启用匿名和Windows身份验证。当我在IIS中托管但拒绝在http.sys服务器中工作时，它工作正常。 HomeController [Authorize]操作上的方法标记Windows因HTTP 500而失败，并且从不提示进行身份验证。

Program.cs的

   .UseHttpSys(options =>
    {
        options.Authentication.Schemes =  AuthenticationSchemes.Negotiate | 
   AuthenticationSchemes.NTLM;
        options.Authentication.AllowAnonymous = true;
        options.UrlPrefixes.Add("http://localhost:5000");
    })

HomeController.cs

[Authorize]
    public class HomeController : Controller
    {
        [Authorize]
        public IActionResult Windows()
        {
            return Content ("You are " + User.Identity.Name +  "; Authentication Type:" + User.Identity.AuthenticationType );
        }

        [AllowAnonymous]
        public IActionResult Anonymous()
        {
            return Content ("You are " + User.Identity.Name +  "; Authentication Type:" + User.Identity.AuthenticationType );;
        }
    }

异常

An unhandled exception occurred while processing the request.

InvalidOperationException: No authenticationScheme was specified, and there was no DefaultChallengeScheme found.
Microsoft.AspNetCore.Authentication.AuthenticationService+<ChallengeAsync>d__11.MoveNext()

Answer 1

需要在“服务”部分添加以下内容，尽管事实上它并未在IIS中托管

services.AddAuthentication(Microsoft.AspNetCore.Server.IISIntegration.IISDefaults.AuthenticationScheme);

每 ASP.NET Core 2.0 HttpSys Windows Authentication fails with Authorize attribute (InvalidOperationException: No authenticationScheme was specified)

如何在ASP.NET Core 2.0中同时使用匿名和Windows身份验证

1 个答案: