ASP.Net Core 6 WebApp:没有带 windows 身份验证的默认身份验证方案
ASP.Net Core 6 WebApp: No default auth scheme with windows authentication
我将我的 asp.net 核心 mvc webapp 从 5 迁移到 6,之后,windows 身份验证就不再存在了。
只有当我尝试在 VS22 中调试我的 webapp 时才会出现此问题。当我将它部署到 IIS 时,win auth 运行完美。我已经尝试了很多解决这个问题的建议,比如添加
services.AddAuthentication(options => {
options.DefaultAuthenticateScheme = IISDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = IISDefaults.AuthenticationScheme;
}).AddNegotiate();
或
services.AddAuthentication(IISDefaults.AuthenticationScheme).AddNegotiate();
或
services.AddAuthorization(options =>
{
options.FallbackPolicy = options.DefaultPolicy;
});
在我的 Starup.cs 中的各种位置和订单。
我也尝试过不同的托管实现(Kestrel、IIS)。
我也尝试过 HttpSys 它有效 但是因为我不能使用它(公司环境请求 IIS)我不得不不幸地通过它。
无论我使用哪种浏览器(FF、Chrome、IE、Edge),我总是在 Web 应用程序中收到相同的 500 内部错误响应,但出现此异常:
Exception thrown:
'System.InvalidOperationException' in System.Private.CoreLib.dll
("No authenticationScheme was specified, and there was no DefaultChallengeScheme found.
The default schemes can be set using either AddAuthentication(string defaultScheme)
or AddAuthentication(Action<AuthenticationOptions> configureOptions).")
Startup.cs:
public class Startup {
private Config cfg;
public Startup(IConfiguration configuration) {
Configuration = configuration;
this.cfg = new Config();
Configuration.GetSection("appinfo").Bind(this.cfg);
var client = new LoggingClient(cfg.GetAddressOf("Services.Api.Logging"), cfg.DisplayName.Split('.').Last());
client.WriteLogAsync("UI starting", LogSeverity.Info);
ReferenceHelper.TestReferences(cfg);
}
public IConfiguration Configuration { get; }
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services) {
services.AddControllersWithViews().AddRazorRuntimeCompilation();
services.AddLocalization(options => options.ResourcesPath = "Resources");
services.AddMvc(options => {
options.EnableEndpointRouting = false;
}).AddViewLocalization(LanguageViewLocationExpanderFormat.Suffix).AddDataAnnotationsLocalization();
services.AddOptions();
services.Configure<Config>(options => Configuration.GetSection("appinfo").Bind(options));
services.AddSingleton<IConfiguration>(provider => Configuration);
services.AddDistributedMemoryCache();
services.AddSession(
options => {
options.Cookie.IsEssential = true;
options.Cookie.SecurePolicy = Microsoft.AspNetCore.Http.CookieSecurePolicy.Always;
options.Cookie.SameSite = SameSiteMode.Strict;
options.Cookie.HttpOnly = true;
});
//services.AddAuthentication(HttpSysDefaults.AuthenticationScheme);
//services.AddAuthentication(NegotiateDefaults.AuthenticationScheme).AddNegotiate();
services.AddAuthentication(IISDefaults.AuthenticationScheme).AddNegotiate();
services.AddScoped<IClaimsTransformation, ClaimsTransformer>();
services.AddAuthorization();
services.AddDataProtection()
.SetApplicationName("InfoServices.Web.Administration")
.PersistKeysToFileSystem(new System.IO.DirectoryInfo(DefaultPaths.WEB_KEYSTORE))
.SetDefaultKeyLifetime(TimeSpan.FromDays(90));
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IWebHostEnvironment env) {
app.UseMiddleware<ErrorLoggingMiddleware>(new LoggingClient(cfg.GetAddressOf("InfoServices.Api.Logging"), cfg.DisplayName.Split('.').Last()));
app.UseForwardedHeaders();
var supportedCultures = new[] { "en", "de" };
var localizationOptions = new RequestLocalizationOptions().SetDefaultCulture(supportedCultures[1])
.AddSupportedCultures(supportedCultures)
.AddSupportedUICultures(supportedCultures);
localizationOptions.ApplyCurrentCultureToResponseHeaders = true;
//if (env.IsDevelopment()) {
// //app.UseDeveloperExceptionPage();
// app.UseForwardedHeaders();
//} else {
// // The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
//}
app.UseHsts();
//app.UseAuthMiddleware();
app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseDefaultFiles();
app.UseRouting();
app.UseRequestLocalization(localizationOptions);
app.UseAuthentication();
app.UseAuthorization();
app.UseSession();
app.UseEndpoints(endpoints => {
endpoints.MapControllers();
endpoints.MapControllerRoute(
name: "default",
pattern: "{controller=Home}/{action=Overview}/{id?}");
});
}
}
Program.cs:
public class Program{
private static Config cfg;
public static void Main(string[] args)
{
cfg = ConfigJsonHelper.GetConfig();
CreateHostBuilder(args).Build().Run();
}
public static IHostBuilder CreateHostBuilder(string[] args) =>
Host.CreateDefaultBuilder(args)
.ConfigureWebHostDefaults(webBuilder =>
{
//webBuilder.UseHttpSys(options =>
//{
// options.Authentication.Schemes = Microsoft.AspNetCore.Server.HttpSys.AuthenticationSchemes.NTLM;
// options.Authentication.AllowAnonymous = true;
// options.UrlPrefixes.Add("https://" + LocalDataHelper.GetCurrentHostname() + ".domain.at:" + cfg.Port);
//}).ConfigureAppConfiguration((hostingContext, config) =>
//{
// var env = hostingContext.HostingEnvironment;
// //config.Sources.Clear();
// config.SetBasePath(env.ContentRootPath);
// config.AddJsonFile("appinfo.json", optional: false, reloadOnChange: true);
// config.AddEnvironmentVariables();
//});
//webBuilder.UseKestrel().ConfigureAppConfiguration((hostingContext, config) =>
//{
// var env = hostingContext.HostingEnvironment;
// //config.Sources.Clear();
// config.SetBasePath(env.ContentRootPath);
// config.AddJsonFile("appinfo.json", optional: false, reloadOnChange: true);
// config.AddEnvironmentVariables();
//}).UseUrls("https://" + LocalDataHelper.GetCurrentHostname() + ".domain.at:" + cfg.Port);
webBuilder.UseIISIntegration().ConfigureAppConfiguration((hostingContext, config) =>
{
var env = hostingContext.HostingEnvironment;
//config.Sources.Clear();
config.SetBasePath(env.ContentRootPath);
config.AddJsonFile("appinfo.json", optional: false, reloadOnChange: true);
config.AddEnvironmentVariables();
}).UseUrls("https://" + LocalDataHelper.GetCurrentHostname() + ".domain.at:" + cfg.Port);
webBuilder.UseStartup<Startup>();
});
}
对于 nuget pkgs 我有:
"Microsoft.AspNetCore.Authentication.Negotiate" Version="6.0.2"
"jQuery" Version="3.6.0"
"jquery.TypeScript.DefinitelyTyped" Version="3.1.2"
"jQuery.Validation" Version="1.19.3"
"Microsoft.AspNetCore.Mvc.Razor.RuntimeCompilation" Version="6.0.2"
"Microsoft.AspNetCore.StaticFiles" Version="2.2.0"
"Microsoft.Extensions.Configuration.Binder" Version="6.0.0"
"Microsoft.IdentityModel" Version="7.0.0"
"Microsoft.jQuery.Unobtrusive.Validation" Version="3.2.12"
"Newtonsoft.Json" Version="13.0.1"
"Microsoft.TypeScript.MSBuild" Version="4.5.3"
launchSettings.json:
{
"iisSettings": {
"windowsAuthentication": true,
"anonymousAuthentication": false,
"iisExpress": {
"applicationUrl": "http://localhost:60248",
"sslPort": 6900,
"windowsAuthentication": true,
"anonymousAuthentication": false
}
},
"profiles": {
"Development": {
"commandName": "Project",
"environmentVariables": {
"ASPNETCORE_ENVIRONMENT": "Development"
}
}
}
}
按照超登的建议,我尝试了link中建议的属性,但没有为我做。 但是 我查看了 linked post (),我看到了迷你 web.config 的用法,只包含
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<location path="." inheritInChildApplications="false">
<system.webServer>
<security>
<authentication>
<anonymousAuthentication enabled="false" />
<windowsAuthentication enabled="true" />
</authentication>
</security>
</system.webServer>
</location>
</configuration>
这是为我做的
我将我的 asp.net 核心 mvc webapp 从 5 迁移到 6,之后,windows 身份验证就不再存在了。 只有当我尝试在 VS22 中调试我的 webapp 时才会出现此问题。当我将它部署到 IIS 时,win auth 运行完美。我已经尝试了很多解决这个问题的建议,比如添加
services.AddAuthentication(options => {
options.DefaultAuthenticateScheme = IISDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = IISDefaults.AuthenticationScheme;
}).AddNegotiate();
或
services.AddAuthentication(IISDefaults.AuthenticationScheme).AddNegotiate();
或
services.AddAuthorization(options =>
{
options.FallbackPolicy = options.DefaultPolicy;
});
在我的 Starup.cs 中的各种位置和订单。 我也尝试过不同的托管实现(Kestrel、IIS)。 我也尝试过 HttpSys 它有效 但是因为我不能使用它(公司环境请求 IIS)我不得不不幸地通过它。 无论我使用哪种浏览器(FF、Chrome、IE、Edge),我总是在 Web 应用程序中收到相同的 500 内部错误响应,但出现此异常:
Exception thrown:
'System.InvalidOperationException' in System.Private.CoreLib.dll
("No authenticationScheme was specified, and there was no DefaultChallengeScheme found.
The default schemes can be set using either AddAuthentication(string defaultScheme)
or AddAuthentication(Action<AuthenticationOptions> configureOptions).")
Startup.cs:
public class Startup {
private Config cfg;
public Startup(IConfiguration configuration) {
Configuration = configuration;
this.cfg = new Config();
Configuration.GetSection("appinfo").Bind(this.cfg);
var client = new LoggingClient(cfg.GetAddressOf("Services.Api.Logging"), cfg.DisplayName.Split('.').Last());
client.WriteLogAsync("UI starting", LogSeverity.Info);
ReferenceHelper.TestReferences(cfg);
}
public IConfiguration Configuration { get; }
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services) {
services.AddControllersWithViews().AddRazorRuntimeCompilation();
services.AddLocalization(options => options.ResourcesPath = "Resources");
services.AddMvc(options => {
options.EnableEndpointRouting = false;
}).AddViewLocalization(LanguageViewLocationExpanderFormat.Suffix).AddDataAnnotationsLocalization();
services.AddOptions();
services.Configure<Config>(options => Configuration.GetSection("appinfo").Bind(options));
services.AddSingleton<IConfiguration>(provider => Configuration);
services.AddDistributedMemoryCache();
services.AddSession(
options => {
options.Cookie.IsEssential = true;
options.Cookie.SecurePolicy = Microsoft.AspNetCore.Http.CookieSecurePolicy.Always;
options.Cookie.SameSite = SameSiteMode.Strict;
options.Cookie.HttpOnly = true;
});
//services.AddAuthentication(HttpSysDefaults.AuthenticationScheme);
//services.AddAuthentication(NegotiateDefaults.AuthenticationScheme).AddNegotiate();
services.AddAuthentication(IISDefaults.AuthenticationScheme).AddNegotiate();
services.AddScoped<IClaimsTransformation, ClaimsTransformer>();
services.AddAuthorization();
services.AddDataProtection()
.SetApplicationName("InfoServices.Web.Administration")
.PersistKeysToFileSystem(new System.IO.DirectoryInfo(DefaultPaths.WEB_KEYSTORE))
.SetDefaultKeyLifetime(TimeSpan.FromDays(90));
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IWebHostEnvironment env) {
app.UseMiddleware<ErrorLoggingMiddleware>(new LoggingClient(cfg.GetAddressOf("InfoServices.Api.Logging"), cfg.DisplayName.Split('.').Last()));
app.UseForwardedHeaders();
var supportedCultures = new[] { "en", "de" };
var localizationOptions = new RequestLocalizationOptions().SetDefaultCulture(supportedCultures[1])
.AddSupportedCultures(supportedCultures)
.AddSupportedUICultures(supportedCultures);
localizationOptions.ApplyCurrentCultureToResponseHeaders = true;
//if (env.IsDevelopment()) {
// //app.UseDeveloperExceptionPage();
// app.UseForwardedHeaders();
//} else {
// // The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
//}
app.UseHsts();
//app.UseAuthMiddleware();
app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseDefaultFiles();
app.UseRouting();
app.UseRequestLocalization(localizationOptions);
app.UseAuthentication();
app.UseAuthorization();
app.UseSession();
app.UseEndpoints(endpoints => {
endpoints.MapControllers();
endpoints.MapControllerRoute(
name: "default",
pattern: "{controller=Home}/{action=Overview}/{id?}");
});
}
}
Program.cs:
public class Program{
private static Config cfg;
public static void Main(string[] args)
{
cfg = ConfigJsonHelper.GetConfig();
CreateHostBuilder(args).Build().Run();
}
public static IHostBuilder CreateHostBuilder(string[] args) =>
Host.CreateDefaultBuilder(args)
.ConfigureWebHostDefaults(webBuilder =>
{
//webBuilder.UseHttpSys(options =>
//{
// options.Authentication.Schemes = Microsoft.AspNetCore.Server.HttpSys.AuthenticationSchemes.NTLM;
// options.Authentication.AllowAnonymous = true;
// options.UrlPrefixes.Add("https://" + LocalDataHelper.GetCurrentHostname() + ".domain.at:" + cfg.Port);
//}).ConfigureAppConfiguration((hostingContext, config) =>
//{
// var env = hostingContext.HostingEnvironment;
// //config.Sources.Clear();
// config.SetBasePath(env.ContentRootPath);
// config.AddJsonFile("appinfo.json", optional: false, reloadOnChange: true);
// config.AddEnvironmentVariables();
//});
//webBuilder.UseKestrel().ConfigureAppConfiguration((hostingContext, config) =>
//{
// var env = hostingContext.HostingEnvironment;
// //config.Sources.Clear();
// config.SetBasePath(env.ContentRootPath);
// config.AddJsonFile("appinfo.json", optional: false, reloadOnChange: true);
// config.AddEnvironmentVariables();
//}).UseUrls("https://" + LocalDataHelper.GetCurrentHostname() + ".domain.at:" + cfg.Port);
webBuilder.UseIISIntegration().ConfigureAppConfiguration((hostingContext, config) =>
{
var env = hostingContext.HostingEnvironment;
//config.Sources.Clear();
config.SetBasePath(env.ContentRootPath);
config.AddJsonFile("appinfo.json", optional: false, reloadOnChange: true);
config.AddEnvironmentVariables();
}).UseUrls("https://" + LocalDataHelper.GetCurrentHostname() + ".domain.at:" + cfg.Port);
webBuilder.UseStartup<Startup>();
});
}
对于 nuget pkgs 我有:
"Microsoft.AspNetCore.Authentication.Negotiate" Version="6.0.2"
"jQuery" Version="3.6.0"
"jquery.TypeScript.DefinitelyTyped" Version="3.1.2"
"jQuery.Validation" Version="1.19.3"
"Microsoft.AspNetCore.Mvc.Razor.RuntimeCompilation" Version="6.0.2"
"Microsoft.AspNetCore.StaticFiles" Version="2.2.0"
"Microsoft.Extensions.Configuration.Binder" Version="6.0.0"
"Microsoft.IdentityModel" Version="7.0.0"
"Microsoft.jQuery.Unobtrusive.Validation" Version="3.2.12"
"Newtonsoft.Json" Version="13.0.1"
"Microsoft.TypeScript.MSBuild" Version="4.5.3"
launchSettings.json:
{
"iisSettings": {
"windowsAuthentication": true,
"anonymousAuthentication": false,
"iisExpress": {
"applicationUrl": "http://localhost:60248",
"sslPort": 6900,
"windowsAuthentication": true,
"anonymousAuthentication": false
}
},
"profiles": {
"Development": {
"commandName": "Project",
"environmentVariables": {
"ASPNETCORE_ENVIRONMENT": "Development"
}
}
}
}
按照超登的建议,我尝试了link中建议的属性,但没有为我做。 但是 我查看了 linked post (
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<location path="." inheritInChildApplications="false">
<system.webServer>
<security>
<authentication>
<anonymousAuthentication enabled="false" />
<windowsAuthentication enabled="true" />
</authentication>
</security>
</system.webServer>
</location>
</configuration>
这是为我做的