ASP.NET核心2.0 HttpSys Windows身份验证失败,属性为Authorize (InvalidOperationException:未指定authenticationScheme )
我正在尝试将ASP.NET Core1.1应用程序迁移到ASP.NET Core2.0。
这个应用程序相当简单,涉及到以下内容:
匿名身份验证(以前的WebListener)
- Using Windows身份验证:
options.Authentication.Schemes = AuthenticationSchemes.NTLM
- Allowing匿名身份验证: HttpSys )上托管的匿名身份验证(因为有一些不需要身份验证的控制器需要身份验证用
[Authorize]属性修饰。
项目编译和启动都很好。它还为不需要身份验证的控制器的操作提供服务。
然而,只要我点击一个带有[Authorize]属性的控制器,我就会得到以下异常:
System.InvalidOperationException: No authenticationScheme was specified,
and there was no DefaultChallengeScheme found.
at Microsoft.AspNetCore.Authentication.AuthenticationService.<ChallengeAsync>d__11.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.AspNetCore.Mvc.ChallengeResult.<ExecuteResultAsync>d__14.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.AspNetCore.Mvc.Internal.ResourceInvoker.<InvokeResultAsync>d__19.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.AspNetCore.Mvc.Internal.ResourceInvoker.<InvokeFilterPipelineAsync>d__17.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.AspNetCore.Mvc.Internal.ResourceInvoker.<InvokeAsync>d__15.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.AspNetCore.Builder.RouterMiddleware.<Invoke>d__4.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware.<Invoke>d__7.MoveNext()我开始摆弄项目模板,并注意到我可以使用带有ASP.NET身份验证的标准模板Windows应用程序(模型-视图-控制器)轻松地重现这些模板。
对Program.cs文件进行了如下更改:
public static IWebHost BuildWebHost(string[] args) =>
WebHost.CreateDefaultBuilder(args)
.UseHttpSys(options =>
{
options.Authentication.Schemes = AuthenticationSchemes.NTLM;
options.Authentication.AllowAnonymous = true;
options.MaxConnections = 100;
options.MaxRequestBodySize = 30000000;
options.UrlPrefixes.Add("http://localhost:5000");
})
.UseStartup<Startup>()
.Build();这直接来自HttpSys documentation。我还向HomeController类添加了[Authorize]属性。现在,它将产生与所示完全相同的异常。
我找到了一些相关的Stack Overflow帖子(here,here和here),但没有一个涉及普通的Windows身份验证(而且答案似乎并不通用)。
回答 4
Stack Overflow用户
发布于 2017-08-22 20:47:02
在写这篇文章的时候,我记得偶然看到了迁移指南的this subsection。上面写着要添加
services.AddAuthentication(Microsoft.AspNetCore.Server.IISIntegration.IISDefaults.AuthenticationScheme);添加到ConfigureServices函数。
我最初认为这不适用于HttpSys,因为常量的全名(特别是IISIntegration把我弄糊涂了)。此外,在撰写本文时,HttpSys documentation完全没有提到这一点。
对于那些面向完整.NET框架的用户,这需要安装Microsoft.AspNetCore.Authentication NuGet包。
编辑
正如Tratcher所指出的,在HttpSys名称空间中有一个类似的常量,您应该使用它:
Microsoft.AspNetCore.Server.HttpSys.HttpSysDefaults.AuthenticationSchemeStack Overflow用户
发布于 2017-10-26 12:36:08
安德烈亚斯的回答让我走上了正确的道路,但这是对我有效的:
添加了对Microsoft.AspNetCore.Authentication的包引用
然后是Startup.cs
using Microsoft.AspNetCore.Server.IISIntegration;
public void ConfigureServices(IServiceCollection services)
{
...
services.AddAuthentication(IISDefaults.AuthenticationScheme);
...
}Stack Overflow用户
发布于 2019-05-10 03:50:09
另外,如果你已经添加了services.AddAuthentication(IISDefaults.AuthenticationScheme);,请确保在iis的->身份验证下打开一个身份验证类型(windows,forms)。我的代码都被禁用了,即使在代码到位的情况下也会出现这个错误。
https://stackoverflow.com/questions/45818095
复制相似问题