C# 将旧Web表单移植到OWIN时未经授权获取HTTP 401.2
我遵循了以下步骤,因此我的代码如下所示:C# 将旧Web表单移植到OWIN时未经授权获取HTTP 401.2,c#,asp.net,authentication,authorization,owin,C#,Asp.net,Authentication,Authorization,Owin,我遵循了以下步骤,因此我的代码如下所示: public void Configuration(IAppBuilder app) { app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType); app.UseCookieAuthentication(new CookieAuthenticationOptions() { CookieSecure = Cookie
public void Configuration(IAppBuilder app)
{
app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);
app.UseCookieAuthentication(new CookieAuthenticationOptions() { CookieSecure = CookieSecureOption.Never });
app.UseWsFederationAuthentication(new WsFederationAuthenticationOptions()
{
MetadataAddress = "https://login.windows.net/#####.onmicrosoft.com/federationmetadata/2007-06/federationmetadata.xml",
Wtrealm = "http://localhost:33210/",
// SignInAsAuthenticationType = // This is picked up automatically from the default set above
});
app.Use(async (context, next) =>
{
var user = context.Authentication.User;
if (user == null || user.Identity == null || !user.Identity.IsAuthenticated)
{
context.Authentication.Challenge();
return;
}
await next();
});
}
该应用程序是Web表单和MVC的混合体。我已经从IIS中删除了所有身份验证类型,删除了授权
,成员资格
,角色管理器
,并在web.config
中设置了身份验证模式=“无”
现在,当我通过Default.aspx、一个[Authorize]
控制器或强制质询的显式AccountController访问站点时:
public void SignIn()
{
if (!Request.IsAuthenticated)
{
HttpContext.GetOwinContext().Authentication.Challenge(
new AuthenticationProperties { RedirectUri = "/" },
WsFederationAuthenticationDefaults.AuthenticationType);
}
}
所有这些都会导致HTTP错误401.2由于身份验证标头无效,您无权查看此页面。我遗漏了什么?问题是
我已从IIS中删除所有身份验证类型
IIS中至少需要选择匿名身份验证
。通过在IIS Express的项目属性中禁用Windows和匿名身份验证等示例应用程序,同样的错误可能会重现