无法使用 windows 身份验证 post 到 asp.net 核心网络 api
could not post to asp.net core web api using windows authentication
api 是 AspNetCore WebApi,默认配置为 Windows 身份验证并启用 CORS。客户端 Angular 使用 GET 和 POST 方法。
GET调用成功:
this.http.get("https://localhost:44358/api/values", {withCredentials:true})
.subscribe(a=> {
console.log(a);
this.list=a;
});
POST失败:
this.http.post("https://localhost:44358/api/values", {value:"aaa"}, {withCredentials:true})
.subscribe(a=> {
console.log(a);
this.list=a;
});
02 个例外是
OPTIONS https://localhost:44358/api/values 401 (Unauthorized)
和
Access to XMLHttpRequest at 'https://localhost:44358/api/values' from origin 'http://localhost:4200' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
有什么想法吗?
POST 导致浏览器在真正 POST 之前向网络发送选项 api。但是 webapi 拒绝此调用,因为配置仅基于 Windows 身份验证。解决方案是在 launchSetting.json
.
中为控制器启用 Windows 身份验证以及为 OPTIONS 启用匿名身份验证
"iisSettings": {
"windowsAuthentication": true,
"anonymousAuthentication": true,
并在 Startup.cs
中的 AddMvc
之前添加 1 行
services.AddAuthentication(IISDefaults.AuthenticationScheme);
services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1);
api 是 AspNetCore WebApi,默认配置为 Windows 身份验证并启用 CORS。客户端 Angular 使用 GET 和 POST 方法。
GET调用成功:
this.http.get("https://localhost:44358/api/values", {withCredentials:true})
.subscribe(a=> {
console.log(a);
this.list=a;
});
POST失败:
this.http.post("https://localhost:44358/api/values", {value:"aaa"}, {withCredentials:true})
.subscribe(a=> {
console.log(a);
this.list=a;
});
02 个例外是
OPTIONS https://localhost:44358/api/values 401 (Unauthorized)
和
Access to XMLHttpRequest at 'https://localhost:44358/api/values' from origin 'http://localhost:4200' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
有什么想法吗?
POST 导致浏览器在真正 POST 之前向网络发送选项 api。但是 webapi 拒绝此调用,因为配置仅基于 Windows 身份验证。解决方案是在 launchSetting.json
.
"iisSettings": {
"windowsAuthentication": true,
"anonymousAuthentication": true,
并在 Startup.cs
AddMvc
之前添加 1 行
services.AddAuthentication(IISDefaults.AuthenticationScheme);
services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1);