问题
I have a web project that uses Active Directory authorization (All controllers marked with AuthorizeAttribute). In web.config i have following authentification section:
<authentication mode="Windows" />
<authorization>
<deny users="?" />
</authorization>
The problem is: When i run project under Visual Studio Development Server everything goes fine, it pops authorization window, after entering login/password i can see all site contents.
But, when i try to run it under IIS (7.5) authorization window still pops, but login/password is always incorrect (looks like it cannot access AD). Site is configured to use windows authorization. Application pool runs using my windows login/password. What am i missing?
回答1:
If your host header file is pointing to 127.0.0.1, it may be the authentication loopback check.
If that is the case, the answer is already detailed at why does windows authentication / impersonation fail on asp.net application with iis 7.5 / windows 7 /. In short, open regedit, and add a DWORD DisableLoopbackCheck = 1 to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa.
回答2:
I was having same problem, following solved my problem:
- Select website
- Select "Features View".
- Open "Authentication" section. Note: I am Assuming your website has Windows Authentication enabled as stated above by you.
- Select "Windows Authentication"
- In right side "Actions" section, click on providers.
- Now from "Providers" Pop-up select "Negotiate" and remove it.
- refresh website & run
Please let me know if it works for you.
来源:https://stackoverflow.com/questions/16143432/active-directory-authorization-iis-vs-visual-studio-dev-server