Question

我有一个webforms应用程序，我使用表单身份验证保护。我的问题是，对于某些网址，即使用户登录，我也会（意外地）获得基本的身份验证模式对话框提示。其他网页很好，并且不会出现此行为。

这仅发生在登台服务器上，而在我的开发环境中不。以下是我的相关配置：

登台服务器正在运行IIS 8
的web.config

<system.web>
  <authentication mode="Forms">
    <forms loginUrl="Account/Login" timeout="120" defaultUrl="/" />
  </authentication>
  <pages validateRequest="false" clientIDMode="AutoID">
  </pages>
  <membership defaultProvider="DefaultMembershipProvider">
      <providers>
        <add connectionStringName="DefaultConnection" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="false" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" applicationName="GliderWorks" name="DefaultMembershipProvider" type="System.Web.Providers.DefaultMembershipProvider, System.Web.Providers, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
      </providers>
 </membership>
 <profile defaultProvider="DefaultProfileProvider">
      <providers>
        <add name="DefaultProfileProvider" type="System.Web.Providers.DefaultProfileProvider, System.Web.Providers, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" connectionStringName="DefaultConnection" applicationName="GliderWorks" />
      </providers>
 </profile>
 <roleManager enabled="true" defaultProvider="DefaultRoleProvider">
      <providers>
           <add connectionStringName="DefaultConnection".....
      </providers>
 </roleManager>
 <siteMap defaultProvider="SitemapNone">
          <providers>
            <clear />
            <add name="SitemapAdministrator" type="System.Web.XmlSiteMapProvider" siteMapFile="WebHorizontalMenuAdministrator.sitemap" />
            <add name="SitemapNone" type="System.Web.XmlSiteMapProvider" siteMapFile="WebHorizontalMenuNone.sitemap" />
            <add name="SitemapSuperAdministrator" type="System.Web.XmlSiteMapProvider" siteMapFile="WebHorizontalMenuSuperAdministrator.sitemap" />
          </providers>
 </siteMap>
</system.web>
<!-- Site Security -->   <!-- Allow anonymous access to Public Area
 -->   
<location path="Public">
  <system.web>
    <authorization>
      <allow users="*" />
    </authorization>
  </system.web>   
</location>   <!-- Entire site is secured -->   <location path=".">
  <system.web>
    <authorization>
      <deny users="?" />
    </authorization>
  </system.web>   
</location>   <!-- Allow anonymous access to api -->   
<location path="api">
  <system.web>
    <authorization>
      <allow users="*" />
    </authorization>
  </system.web>   
</location>   <!-- /Site Security -->

和相关的站点地图SitemapSuperAdministrator.xml配置文件：

获取未受保护的单个页面的意外基本身份验证提示

0 个答案: