身份éªè¯åææ
Windows身份éªè¯å Windows æææ¯ä¸¤ä¸ªç»å¸¸äºç¨çæ¯è¯ãä½æ¯ï¼å®ä»¬çå«ä¹å¹¶ä¸ç¸åãWindows 身份éªè¯å
许æ¶ä»¶äººç¡®å®ç¨æ·ç身份ãWindows ææåå³å®ç¨æ·å¯ä»¥è®¿é®çèµæºã
é
ç½® Web åºç¨ç¨åºä½¿ç¨ Windows 身份éªè¯
è¦é
ç½® Web åºç¨ç¨åºä½¿ç¨ Windows 身份éªè¯ï¼è¯·éµå¾ªä»¥ä¸æ¥éª¤ï¼
å建ä¸ä¸ªå为 ASPNETWinAuth ç ASP.NET Web åºç¨ç¨åºãé»è®¤æ
åµä¸åºç° WebForm1.aspx æ件ã
å¨ WebForm1.aspx ç HTML è§å¾ä¸ï¼ç¨ä»¥ä¸ç¤ºä¾ä»£ç æ¿æ¢ç°æ代ç ï¼
<%=User.Identity.Name%>
åå»å¼å§ï¼æåç¨åºï¼æå管çå·¥å
·ï¼ç¶ååå»Internet ä¿¡æ¯æå¡ã
åºç°âInternet ä¿¡æ¯æå¡ MMCâãå±å¼è®¡ç®æºï¼ç¶åå±å¼ä½¿ç¨ Windows 身份éªè¯ç Web ç«ç¹ã
åå»ASPNETWinAuth Web ç«ç¹åºç¨ç¨åºã
å¨æä½ èåä¸ï¼åå»å±æ§ã
å¨å±æ§ä¸ï¼åå»ç®å½å®å
¨ é项å¡ã
å¨å¿å访é®å身份éªè¯æ§å¶ä¸ï¼åå»ç¼è¾ã
å¨èº«ä»½éªè¯æ¹æ³ä¸ï¼åå»éæ©éæ Windows 身份éªè¯ãåå»æ¸
é¤ææå
¶ä»å¤éæ¡ã
åå»ç¡®å®ã
å¨å±æ§ä¸ï¼åå»ç¡®å®ãASPNETWinAuth Web åºç¨ç¨åºç°å¨é
置为æ¥åææç¨æ·å¸æ·ã
é
ç½® ASP.NET åºç¨ç¨åº
é
ç½®äº IIS Web ç«ç¹ä½¿ç¨éæ Windows 身份éªè¯åï¼å¿
é¡»é
ç½® ASP.NET åºç¨ç¨åºä»¥è¯å«ç»è¿èº«ä»½éªè¯çç¨æ·ã为æ¤ï¼å¿
é¡»æ´æ¹ Web.config æ件ãå¨ Web.config æ件ä¸ï¼æ¾å° <authentication> æ å¿ï¼ç¶åå°mode å±æ§è®¾ç½®ä¸ºWindowsï¼å¦ä»¥ä¸ç¤ºä¾æ示ï¼
<authentication mode="Windows" />
æµè¯èº«ä»½éªè¯
è¦æµè¯ Windows 身份éªè¯è®¾ç½®ï¼è¯·éµå¾ªä»¥ä¸æ¥éª¤ï¼
å¨ Microsoft Internet Explorer ä¸ï¼æ¥ç WebForm1.aspx 页ã该页ä½äº
http://Localhost æ件夹ä¸ãä¾å¦ï¼
http://Localhost/ASPNETWinAuth/WebForm1.aspx
ç±äºéæ Windows 身份éªè¯ä½¿ç¨å®¢æ·ç«¯è®¡ç®æºä¸çå½å Windows ç¨æ·ä¿¡æ¯è¿è¡èº«ä»½éªè¯ï¼å æ¤å®ä¸ç«å»æ示ç¨æ·è¾å
¥ç¨æ·ååå¯ç ãä¸è¿ï¼å¦æ身份éªè¯äº¤æ¢æ æ³è¯å«ç¨æ·ï¼åå°åºç°ä¸ä¸ªå¯¹è¯æ¡ï¼æ示ç¨æ·è¾å
¥ Windows ç¨æ·å¸æ·çç¨æ·ååå¯ç ã
é®å
¥ææçç¨æ·ååå¯ç ãå½é¡µé¢è½½å
¥åï¼æ¨çç¨æ·åå°ä»¥ä¸é¢çæ ¼å¼åºç°ï¼
å å\ç¨æ·å
éå¶è®¿é®
å¨ ASP.NET ä¸ï¼éè¿å¨ Web.config æ件ä¸æ·»å 设置ï¼å¯ä»¥è®¾ç½®å¯¹åºç¨ç¨åºçææãå¯ä»¥æå¦ä¸æ示æå®åªäºç¨æ·æç»ææ访é®åªäºèµæºï¼
è¦å
许å为âManagersâç NT ç»çæææå访é®èµæºï¼è¯·ä½¿ç¨ä¸å代ç ï¼
<configuration> <system.web> <authorization> <allow roles="domainname\Managers" /> <deny users="*" /> </authorization> </system.web> </configuration>
è¦åªå
许ç¹å®ç¨æ·è®¿é®ï¼è¯·ä½¿ç¨ä¸å代ç ï¼
<configuration> <system.web> <authorization> <allow users="domainname\user1,domainname\user2,domainname\user3" /> <deny users="*" /> </authorization> </system.web> </configuration>
å¤æ³¨ å¯ä»¥ä½¿ç¨éå·åéçå表æ¥æå®å¤ä¸ªè§è²æç¨æ·ãæ£æ¥å¨æå®é
ç½®æ件å
ç´ åå
³èçå±æ§å¼æ¶æ¯å¦ä½¿ç¨äºæ£ç¡®ç大å°åãæ¤ä»£ç æ¯åºå大å°åçã