我正在开发一个MVC4项目,每个构建都部署到Dev而不是QA环境。每次构建时,QA成员都没有访问QA站点的问题。在最后一次部署之后,一个QA用户正在获取IE用户名\密码凭据。如果此QA人员在此用户中取消或放置她的Windows用户名/密码,则会在IE中收到401错误。在Chrome中,它只是在没有要求凭据的情况下给她一个401错误。
她能够在没有任何相同构建问题的情况下进入开发环境。所以问题就出在质量保证环境中。
没有其他人有此问题(约有5或6人尝试过。)。
该网站正在使用Windows身份验证,IIS服务器上的所有内容似乎都设置正确。这个有问题的QA用户在上次部署之前没有任何问题。
服务器托管是Windows Server 2008 R2,使用带有MVC4的.NET 4.0。
我让用户删除了所有浏览器缓存,确保没有代理服务器设置,并确保在IE中选中“启用集成Windows身份验证”。如果其中任何一个不正确,它也不会在开发环境中起作用。
有人可以就解决此问题的最佳方法向我提出任何想法吗?
感谢大家的时间。
修改
使用Fiddler查看请求和响应。两者都是使用IE完成的。正在运行的机器正在处理WWW-Authenticate(2 401和200,这是Kerberos握手)。然而,不工作的浏览器似乎没有处理WWW-Authenticate,而是要求用户输入用户名/密码而不是发送授权:协商。
有效的机器上的请求(请求1)
GET http://MyLocalSite/ HTTP/1.1
Accept: */*
Accept-Language: en-US
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Accept-Encoding: gzip, deflate
Connection: Keep-Alive
Host: MyLocalSite
Pragma: no-cache
有效的机器上的响应(响应1)
HTTP/1.1 401 Unauthorized
Cache-Control: private
Content-Type: text/html
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
WWW-Authenticate: Negotiate
WWW-Authenticate: NTLM
X-Powered-By: ASP.NET
Date: Mon, 30 Sep 2013 18:51:54 GMT
Content-Length: 1293
Proxy-Support: Session-Based-Authentication
有效的机器上的请求(请求2)
GET http://MyLocalSite/ HTTP/1.1
Accept: */*
Accept-Language: en-US
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Accept-Encoding: gzip, deflate
Connection: Keep-Alive
Authorization: Negotiate TlRMTVNTUAABAAAAl4II4gAAAAAAAAAAAAAAAAAAAAAGAbEdAAAADw==
Pragma: no-cache
Host: MyLocalSite
有效的机器上的响应(响应2)
HTTP/1.1 401 Unauthorized
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
WWW-Authenticate: Negotiate TlRMTVNTUAACAAAADgAOADgAAAAVgonioA9ayIkT2AEAAAAAAAAAAJ4AngBGAAAABgGxHQAAAA9HAEUATgBJAE4ARgBPAAIADgBHAEUATgBJAE4ARgBPAAEAFABRAEEAMgBXAEUAQgBJAE4AVAAyAAQAFgBnAGUAbgBpAG4AZgBvAC4AYwBvAG0AAwAsAFEAQQAyAFcARQBCAEkATgBUADIALgBnAGUAbgBpAG4AZgBvAC4AYwBvAG0ABQAWAGcAZQBuAGkAbgBmAG8ALgBjAG8AbQAHAAgAX7yrIQ6+zgEAAAAA
Date: Mon, 30 Sep 2013 18:51:54 GMT
Content-Length: 341
Proxy-Support: Session-Based-Authentication
有效的机器上的请求(请求3)
GET http://MyLocalSite/ HTTP/1.1
Accept: */*
Accept-Language: en-US
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Accept-Encoding: gzip, deflate
Connection: Keep-Alive
Host: MyLocalSite
Pragma: no-cache
Authorization: Negotiate TlRMTVNTUAADAAAAGAAYAJYAAAAYABgArgAAAA4ADgBYAAAAFgAWAGYAAAAaABoAfAAAABAAEADGAAAAFYKI4gYBsR0AAAAPTTUv/iiYRszkcKP+vEpEUkcARQBOAEkATgBGAE8AbQBhAHMAdAByAGEAdQBjAGsAYQBzAEkAVABHADUAQwBCADMAMAA4ADMAQwBOADMAMIrf5ReM2DwAAAAAAAAAAAAAAAAAAAAAFpY6vMa57pcoU9CLc22TN/M9wIwMgReGfPTodq1BeQGd0THtjF1BAg==
有效的机器上的响应(响应3)
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNetMvc-Version: 4.0
X-AspNet-Version: 4.0.30319
Persistent-Auth: true
X-Powered-By: ASP.NET
Date: Mon, 30 Sep 2013 18:51:54 GMT
Content-Length: 15195
请求无法使用的计算机
GET http://MyLocalSite/ HTTP/1.1
Accept: application/x-ms-application, image/jpeg, application/xaml+xml, image/gif, image/pjpeg, application/x-ms-xbap, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */*
Accept-Language: en-US
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET CLR 1.1.4322; .NET4.0E; InfoPath.3)
Accept-Encoding: gzip, deflate
Connection: Keep-Alive
Host: MyLocalSite
无效的计算机上的响应
HTTP/1.1 401 Unauthorized
Cache-Control: private
Content-Type: text/html
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
WWW-Authenticate: Negotiate
WWW-Authenticate: NTLM
X-Powered-By: ASP.NET
Date: Mon, 30 Sep 2013 17:50:27 GMT
Content-Length: 1293
Proxy-Support: Session-Based-Authentication
修改2
在QA测试人员框中,当它给出用户用户名/密码框时,我将我的凭据放入所有工作中。我已将此发送给我们的NOG部门,但截至目前,他们也无法弄明白。所以欢迎任何建议!