监管用户访问IIS上的站点(Regulation user access to the site on IIS)

监管用户访问IIS上的站点(Regulation user access to the site on IIS)

我有一个应用程序，在开发时应该对Internet开放。 该应用程序有自己的授权（表单）。

我们无法通过一系列IP地址限制对服务器的访问。 我们还需要该站点的行为与没有全局访问检查（此环境中的QA测试应用程序）相似。

如何访问可以安排在IIS？

用户步骤：

转到site.com 用户看到一个弹出窗口（全局用户名;全局密码 - 所有用户都一样） 重定向到网站（作为匿名用户） 转到登录页面并输入本地用户名和密码（特定于当前用户）

我会很感激任何建议

谢谢

I have an application that should be open to the Internet at the time of development. The application has its own authorization (forms).

We can not restrict access to the server over a range of IP addresses. We also need the site to behave similarly as in the absence of global access check (QA test application in this environment).

How to access can be arranged at IIS?

User steps:

Go to site.com User sees a pop-up window (global user name; global password - the same for all users) Redirect to site (as anonymous user) Go to login page and enter local user name and password (specific for current user)

I will be grateful for any advice

Thanks

最满意答案

创建过滤器（从ActionFilterAttribute继承）

覆盖OnActionExecuting方法（检查自定义cookie）。 如果缺少自定义身份验证cookie：

filterContext.HttpContext.Response.Clear（）; filterContext.HttpContext.Response.StatusDescription =“未经授权”; filterContext.HttpContext.Response.AddHeader（“WWW-Authenticate”，“Basic realm = \”Secure Area \“”）; filterContext.HttpContext.Response.Write（“401，please authenticate”）; filterContext.HttpContext.Response.StatusCode = 401; filterContext.Result = new EmptyResult（）; filterContext.HttpContext.Response.End（）; base.OnActionExecuting（filterContext）;

在Application_Start（）中的Global.asax中注册过滤器

Create filter (inherit from ActionFilterAttribute)

Override OnActionExecuting method (check custom cookie). If custom auth cookie absent:

filterContext.HttpContext.Response.Clear(); filterContext.HttpContext.Response.StatusDescription = "Unauthorized"; filterContext.HttpContext.Response.AddHeader("WWW-Authenticate", "Basic realm=\"Secure Area\""); filterContext.HttpContext.Response.Write("401, please authenticate"); filterContext.HttpContext.Response.StatusCode = 401; filterContext.Result = new EmptyResult(); filterContext.HttpContext.Response.End(); base.OnActionExecuting(filterContext);

Register filter in Global.asax in Application_Start()