我有一个需要Windows集成安全性的ASP.NET应用程序。 出于某种原因,我不在这里讨论,我需要在运行时创建WebRequest,在应用程序中调用其他页面并处理结果。
应用程序在我们使用DNS别名的服务器上运行,类似于app.domain.com。
因此,我使用预定义的域用户和密码创建了NetworkCredential,并将其附加到请求中。
这就是我得到的:
[Win32Exception (0x80004005): The logon attempt failed]
System.Net.NTAuthentication.GetOutgoingBlob(Byte[] incomingBlob, Boolean throwOnError, SecurityStatus& statusCode) +1404402
System.Net.NTAuthentication.GetOutgoingBlob(String incomingBlob) +78
System.Net.NegotiateClient.DoAuthenticate(String challenge, WebRequest webRequest, ICredentials credentials, Boolean preAuthenticate) +560
System.Net.NegotiateClient.Authenticate(String challenge, WebRequest webRequest, ICredentials credentials) +14
System.Net.AuthenticationManager.Authenticate(String challenge, WebRequest request, ICredentials credentials) +247
System.Net.AuthenticationState.AttemptAuthenticate(HttpWebRequest httpWebRequest, ICredentials authInfo) +243
System.Net.HttpWebRequest.CheckResubmitForAuth() +232
System.Net.HttpWebRequest.CheckResubmit(Exception& e) +5299747
[WebException: The remote server returned an error: (401) Unauthorized.]
System.Net.HttpWebRequest.GetResponse() +5313085
Entropy.Envoy.Web.Corporate.ExportFilter.GetTargetReportContent(Uri targetUrl, HttpCookieCollection cookies) +521
Entropy.Envoy.Web.Corporate.ExportFilter.Page_Load(Object sender, EventArgs e) +139
System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e) +14
System.Web.Util.CalliEventHandlerDelegateProxy.Callback(Object sender, EventArgs e) +35
System.EventHandler.Invoke(Object sender, EventArgs e) +0
System.Web.UI.Control.OnLoad(EventArgs e) +99
System.Web.UI.Control.LoadRecursive() +50
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +627
相同的代码适用于具有类似设置的其他服务器。 发生了什么事?
答案 0 :(得分:0)
找到了这个答案。 原来就像在Active Directory中添加SPN一样简单:
setspn -a HTTP//WebServer.domain.com customDomainAccount
setspn -a HTTP//servername customDomainAccount