How do I set up .NET WindowsAuthentication - the name always shows up as “IIS APPPOOL\Classic .NET AppPool” when I want it to use the actual user

烈酒焚心 提交于 2020-03-13 13:12:45

问题


I'm using the following code to authenticate via Kerberos.

IntPtr logonToken = WindowsIdentity.GetCurrent().Token;
string authenticationType = "WindowsAuthentication";
WindowsIdentity windowsIdentity = new WindowsIdentity(logonToken, authenticationType);

//windowsIdentity.Name == equals "IIS APPPOOL\Classic .NET AppPool" when I want it to be the user

This only happens when I try and run my .NET application the Web Server. If I run the code locally on my machine for debugging, it shows my userid in the Name property. Any suggestions on how to get this working on a web server?


回答1:


You need to enable impersonation in web.config:

To configure ASP.NET to impersonate the Windows identity supplied by IIS as the WindowsIdentity for the ASP.NET application, edit the Web.config file for the application and set the impersonate attribute of the identity configuration element to true, as shown in the following example.

<configuration>
  <system.web>
    <identity impersonate="true" />
  </system.web>
</configuration>

When you run the code locally for debugging you're probably using the web dev server that runs as your logged-in user, which is why you'll see the correct user in debug.




回答2:


Your problem is, your IIS server runs under its own identity, not yours. Therefore, WindowsIdentity.GetCurrent().Token returns IIS work process' identity.

You can configure your website to run under different identity (including yours) using IIS Manager console:



来源:https://stackoverflow.com/questions/6061303/how-do-i-set-up-net-windowsauthentication-the-name-always-shows-up-as-iis-ap

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!