如何在不显示用户名密码提示的情况下从 windows auth 获取 LOGON_USER 信息?
How can I get LOGON_USER info from windows auth without having the username password prompt appear?
我在 Windows Server 2016 上使用 iisnode 运行 我的 express,nodejs 应用程序。我只需要连接到我的应用程序的客户端计算机的 LOGON_USER(用户名)(这是在公司网络上)。连接到我的应用程序时,它会提示用户输入用户名密码。我的理解是,当使用 windows 身份验证时,我可以访问客户端凭据,而无需他们登录我的应用程序,因为他们已经登录到他们的计算机?
我在我的应用程序的默认网站下的 IIS 中禁用了匿名身份验证并启用了 Windows 身份验证。我跟随 these instructions 推广了一些服务器变量 ex。 LOGON_USER。当我浏览到我的应用程序站点时,系统会提示我登录名和用户名弹出窗口。我需要做什么才能访问客户端 username/computer 名称而无需他们再次提供凭据。我什至不需要对他们进行身份验证我只需要他们访问我的应用程序的计算机的用户名。
web.config。
</appSettings>
<system.webServer>
<!-- Remove the modules element if running on IIS 8.5-->
<modules runAllManagedModulesForAllRequests="false" />
<!-- <httpErrors existingReponse="PassThrough"></httpErrors> -->
<iisnode node_env="%node_env%"
nodeProcessCountPerApplication="1"
maxConcurrentRequestsPerProcess="1024"
maxNamedPipeConnectionRetry="100"
namedPipeConnectionRetryDelay="250"
maxNamedPipeConnectionPoolSize="512"
maxNamedPipePooledConnectionAge="30000"
asyncCompletionThreadCount="0"
initialRequestBufferSize="4096"
maxRequestBufferSize="65536"
uncFileChangesPollingInterval="5000"
gracefulShutdownTimeout="60000"
loggingEnabled="true" logDirectory="iisnode"
debuggingEnabled="true" d
ebugHeaderEnabled="false"
debuggerPortRange="5058-6058"
debuggerPathSegment="debug"
maxLogFileSizeInKB="128"
maxTotalLogFileSizeInKB="1024"
maxLogFiles="20"
devErrorsEnabled="true"
flushResponse="false"
enableXFF="false"
promoteServerVars="AUTH_USER,AUTH_TYPE,LOGON_USER,REMOTE_USER,REMOTE_HOST"
configOverrides="iisnode.yml"
watchedFiles="web.config;*.js"
nodeProcessCommandLine="C:\Program Files\nodejs\node.exe" />
<handlers>
<add name="iisnode" path="server/dist/index.js" verb="*" modules="iisnode" />
</handlers>
<rewrite>
<rules>
<!-- Don't interfere with requests for node-inspector debugging -->
<rule name="NodeInspector" patternSyntax="ECMAScript" stopProcessing="true">
<match url="^server/dist/index.js\/debug[\/]?" />
</rule>
<!-- First we consider whether the incoming URL matches a physical file in the /public folder -->
<rule name="StaticContent" patternSyntax="Wildcard">
<action type="Rewrite" url="client/build/{R:0}" logRewrittenUrl="true" />
<conditions>
<add input="{REQUEST_FILENAME}" matchType="IsFile" negate="true" />
</conditions>
<match url="*.*" />
</rule>
<!-- All other URLs are mapped to the Node.js application entry point -->
<rule name="DynamicContent">
<conditions>
<add input="{REQUEST_FILENAME}" matchType="IsFile" negate="True" />
</conditions>
<action type="Rewrite" url="server/dist/index.js" />
</rule>
</rules>
</rewrite>
<directoryBrowse enabled="false" />
</system.webServer>
<system.web>
<authentication mode="Windows" />
<authorization>
<allow users="*" />
<deny users="?" />
</authorization>
<identity impersonate="false" />
</system.web>
呃...想通了。我正在使用我网站的 IP 地址 http://ip.address/myapp. It will always prompt for login and password if the url has periods in it. So I canged the ip to the server name and it cleared up the problem. http://myservername/myapp
我在 Windows Server 2016 上使用 iisnode 运行 我的 express,nodejs 应用程序。我只需要连接到我的应用程序的客户端计算机的 LOGON_USER(用户名)(这是在公司网络上)。连接到我的应用程序时,它会提示用户输入用户名密码。我的理解是,当使用 windows 身份验证时,我可以访问客户端凭据,而无需他们登录我的应用程序,因为他们已经登录到他们的计算机?
我在我的应用程序的默认网站下的 IIS 中禁用了匿名身份验证并启用了 Windows 身份验证。我跟随 these instructions 推广了一些服务器变量 ex。 LOGON_USER。当我浏览到我的应用程序站点时,系统会提示我登录名和用户名弹出窗口。我需要做什么才能访问客户端 username/computer 名称而无需他们再次提供凭据。我什至不需要对他们进行身份验证我只需要他们访问我的应用程序的计算机的用户名。
web.config。
</appSettings>
<system.webServer>
<!-- Remove the modules element if running on IIS 8.5-->
<modules runAllManagedModulesForAllRequests="false" />
<!-- <httpErrors existingReponse="PassThrough"></httpErrors> -->
<iisnode node_env="%node_env%"
nodeProcessCountPerApplication="1"
maxConcurrentRequestsPerProcess="1024"
maxNamedPipeConnectionRetry="100"
namedPipeConnectionRetryDelay="250"
maxNamedPipeConnectionPoolSize="512"
maxNamedPipePooledConnectionAge="30000"
asyncCompletionThreadCount="0"
initialRequestBufferSize="4096"
maxRequestBufferSize="65536"
uncFileChangesPollingInterval="5000"
gracefulShutdownTimeout="60000"
loggingEnabled="true" logDirectory="iisnode"
debuggingEnabled="true" d
ebugHeaderEnabled="false"
debuggerPortRange="5058-6058"
debuggerPathSegment="debug"
maxLogFileSizeInKB="128"
maxTotalLogFileSizeInKB="1024"
maxLogFiles="20"
devErrorsEnabled="true"
flushResponse="false"
enableXFF="false"
promoteServerVars="AUTH_USER,AUTH_TYPE,LOGON_USER,REMOTE_USER,REMOTE_HOST"
configOverrides="iisnode.yml"
watchedFiles="web.config;*.js"
nodeProcessCommandLine="C:\Program Files\nodejs\node.exe" />
<handlers>
<add name="iisnode" path="server/dist/index.js" verb="*" modules="iisnode" />
</handlers>
<rewrite>
<rules>
<!-- Don't interfere with requests for node-inspector debugging -->
<rule name="NodeInspector" patternSyntax="ECMAScript" stopProcessing="true">
<match url="^server/dist/index.js\/debug[\/]?" />
</rule>
<!-- First we consider whether the incoming URL matches a physical file in the /public folder -->
<rule name="StaticContent" patternSyntax="Wildcard">
<action type="Rewrite" url="client/build/{R:0}" logRewrittenUrl="true" />
<conditions>
<add input="{REQUEST_FILENAME}" matchType="IsFile" negate="true" />
</conditions>
<match url="*.*" />
</rule>
<!-- All other URLs are mapped to the Node.js application entry point -->
<rule name="DynamicContent">
<conditions>
<add input="{REQUEST_FILENAME}" matchType="IsFile" negate="True" />
</conditions>
<action type="Rewrite" url="server/dist/index.js" />
</rule>
</rules>
</rewrite>
<directoryBrowse enabled="false" />
</system.webServer>
<system.web>
<authentication mode="Windows" />
<authorization>
<allow users="*" />
<deny users="?" />
</authorization>
<identity impersonate="false" />
</system.web>
呃...想通了。我正在使用我网站的 IP 地址 http://ip.address/myapp. It will always prompt for login and password if the url has periods in it. So I canged the ip to the server name and it cleared up the problem. http://myservername/myapp