问题
I have converted a MVC + AngularJS application to use NancyFx + AngularJS (as I wasn't really using any MVC stuff). I am using VS2013 and it runs under IIS (and IIS Express in my dev environment).
I can obtain the current logged in user by examining the server.User component of the OwinEnvironment. I am currently using Microsoft.Owin.Host.SystemWeb as per most of the demos. When I add a RequiresAuthentication to a Get request in my module, I get a pop-up in IE to enter credentials even though I'm logged in. Even when I enter the credentials, I just keep getting pop-ups and it never reaches the site.
I have a couple of questions:
1) If using Windows Authentication and RequiresAuthentication do I still need authentication mode="Windows" in the web.config.
2) Is it possible to use IIS without Microsoft.Owin.Host.SystemWeb in order to avoid the ASP.NET pipeline? I came across articles about Project Helios and Microsoft.Owin.Host.IIS (Nuget) but this hasn't been worked on for a while and is only an Alpha - what's happening with this?
3) What is the de facto way of using IIS, NancyFX and Windows Authentication with RequiresAuthentication and Roles?
I've looked at many articles and stackoverflow questions but have yet to find a definitive answer.
回答1:
1) Yes, you have to tell the IIS module to use Windows Authentication
2) I do not believe so. Although you can do windows auth using OWIN self hosting if you really don't like IIS
Even if you have IIS set to win auth, nancy does not recognize this out of thie box. You can authenticate the current request using the Pipelines.BeforeRequest in the bootstrapper by overriding RequestStartup() and setting the current users, username. The following assumes .NET 4.5
Of course you may want to do standard null checking and what not.
public class User : IUserIdentity
{
private readonly ClaimsPrincipal claimsPrincipal;
public User(ClaimsPrincipal claimsPrincipal)
{
this.claimsPrincipal = claimsPrincipal;
}
public string UserName { get { return claimsPrincipal.Identity.Name; } }
public IEnumerable<string> Claims { get { return claimsPrincipal.Claims.Select(c => c.ToString()); } }
}
public class Bootstrapper : DefaultNancyBootstrapper
{
protected override void RequestStartup(TinyIoCContainer container, IPipelines pipelines, NancyContext context)
{
pipelines.BeforeRequest += ctx =>
{
ctx.CurrentUser = new User(Thread.CurrentPrincipal as ClaimsPrincipal);
return null;
};
}
}
来源:https://stackoverflow.com/questions/28708570/nancyfx-on-iis-and-windows-authentication