IIS中托管的本地STS - 错误消息401.2:未授权:由于服务器配置而导致登录失败

时间:2014-05-08 04:06:35

标签: wif claims-based-identity acs sts-securitytokenservice x509securitytokenmanager

错误消息401.2。:未授权:由于服务器配置,登录失败。验证您是否有权根据您提供的凭据和Web服务器上启用的身份验证方法查看此目录或页面。请与Web服务器的管理员联系以获取其他帮助。\

我在将网站属性更改为项目网址时遇到上述错误:localhost / StsClient。但是它适用于IIS express设置为:localhost:21817 /

有什么帮助吗?为什么我不能在本地IIS中拥有STS客户端?还是我想念一些东西?下面是客户端配置

<system.webServer>
    <modules>
      <add name="WSFederationAuthenticationModule" type="System.IdentityModel.Services.WSFederationAuthenticationModule, System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" preCondition="managedHandler" />
      <add name="SessionAuthenticationModule" type="System.IdentityModel.Services.SessionAuthenticationModule, System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" preCondition="managedHandler" />
    </modules>
  </system.webServer>
  <system.identityModel>
    <identityConfiguration>
      <audienceUris>
        <add value="http://localhost/StsClient" />
      </audienceUris>
      <securityTokenHandlers>
        <add type="System.IdentityModel.Services.Tokens.MachineKeySessionSecurityTokenHandler, System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
        <remove type="System.IdentityModel.Tokens.SessionSecurityTokenHandler, System.IdentityModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
      </securityTokenHandlers>
      <certificateValidation certificateValidationMode="None" />
      <issuerNameRegistry type="System.IdentityModel.Tokens.ValidatingIssuerNameRegistry, System.IdentityModel.Tokens.ValidatingIssuerNameRegistry">
        <authority name="DeveloperSts">
          <keys>
            <add thumbprint="#################################" />
          </keys>
          <validIssuers>
            <add name="DeveloperSts" />
          </validIssuers>
        </authority>
      </issuerNameRegistry>
    </identityConfiguration>
  </system.identityModel>
  <system.identityModel.services>
    <federationConfiguration>
      <cookieHandler requireSsl="false" />
      <!--<wsFederation passiveRedirectEnabled="true" 
      <wsFederation passiveRedirectEnabled="true" issuer="http://localhost/StsService/Security/Authorize" realm="http://localhost/StsClient" requireHttps="false" />
    </federationConfiguration>
  </system.identityModel.services>

1 个答案:

答案 0 :(得分:0)

好的..这很有趣..当我使用IE11显示它时,它给出了另一个错误:

  

“加密操作期间发生错误。”

然后我打开了在IIS中启用的Windows身份验证,现在工作正常..

到目前为止,客户端网站仍无法通过Chrome加载,也不确定原因..

相关问题
最新问题