如何设置.NET WindowsAuthentication

本文介绍了如何设置.NET WindowsAuthentication-名称始终显示为"IIS APPPOOL \ Classic .NET AppPool"；当我希望它使用实际用户时的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！ 问题描述

我正在使用以下代码通过Kerberos进行身份验证.

I'm using the following code to authenticate via Kerberos.

IntPtr logonToken = WindowsIdentity.GetCurrent().Token; string authenticationType = "WindowsAuthentication"; WindowsIdentity windowsIdentity = new WindowsIdentity(logonToken, authenticationType); //windowsIdentity.Name == equals "IIS APPPOOL\Classic .NET AppPool" when I want it to be the user

仅当我尝试在Web服务器上运行.NET应用程序时，才会发生这种情况.如果我在机器上本地运行代码进行调试，它将在Name属性中显示我的用户ID.关于如何使其在Web服务器上运行的任何建议?

This only happens when I try and run my .NET application the Web Server. If I run the code locally on my machine for debugging, it shows my userid in the Name property. Any suggestions on how to get this working on a web server?

推荐答案

您需要在web.config中启用模拟:

要将ASP.NET配置为将IIS提供的Windows身份模拟为ASP.NET应用程序的WindowsIdentity，请编辑该应用程序的Web.config文件，并将身份配置元素的模拟属性设置为true，如图所示在下面的示例中.

To configure ASP.NET to impersonate the Windows identity supplied by IIS as the WindowsIdentity for the ASP.NET application, edit the Web.config file for the application and set the impersonate attribute of the identity configuration element to true, as shown in the following example. <configuration> <system.web> <identity impersonate="true" /> </system.web> </configuration>

在本地运行代码进行调试时，您可能正在使用以登录用户身份运行的Web开发服务器，这就是为什么您会在调试中看到正确的用户的原因.

When you run the code locally for debugging you're probably using the web dev server that runs as your logged-in user, which is why you'll see the correct user in debug.