问题
I'm writing an ASP.NET (MVC 3) web app that's running in IIS 7. It will be accessed by intranet users, probably from the same Windows domain that the web server is in, and I'd like it to recognise the currently logged on Windows user whenever possible. However, I never want the browser to pop up the authentication dialog box. So, I want to use integrated authentication, but without bothering the user. If they're browsing in Firefox or their security settings don't allow automatic logon or whatever then just treat them as an anonymous user. Is there any way to do this?
回答1:
Not really. To enable integrated authentication, the server needs to send a header to the browser. Most browsers respond to this header in 1 of 2 ways. They'll either silently respond with the correct token, as IE does, or they'll prompt for credentials, as Firefox does or IE does if it can't generate the right token because integrated auth is off or it's on another domain.
You could detect FF and respond differently, but there is no way of detecting if IE has integrated auth switched off.
来源:https://stackoverflow.com/questions/6488865/optional-windows-integrated-authentication-for-internet-explorer