Question

我无法在.NET Core中自我托管我的Web API。它在IIS上运行良好，但我尝试自托管时收到身份验证错误。我尝试在其他解决方案中使用cookie身份验证，但徒劳无功。我现在只有1条路线，但在放入多个断点后，我注意到它甚至没有到达我的控制器的构造函数。如果有人能给我一个解决方案的提示，我将非常感激它：）

以下是我的代码片段。

Startup.cs

public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
{
    loggerFactory.AddConsole(this.Configuration.GetSection("Logging"));
    loggerFactory.AddDebug();

    app.UseApplicationInsightsRequestTelemetry();

    app.UseApplicationInsightsExceptionTelemetry();

    app.UseMvc();
}

public void ConfigureServices(IServiceCollection services)
{
    // Add framework services.
    services.AddApplicationInsightsTelemetry(this.Configuration);

    // Add the database used
    services.AddDbContext<VaultContext>(options => options.UseSqlServer(this.Configuration.GetConnectionString("VaultDatabase")));

    // Add our repository type
    services.AddScoped<VaultRepository, VaultRepository>();
    services.AddScoped<UserResolverService, UserResolverService>();
    services.AddScoped<PersonalizationServiceClient, PersonalizationServiceClient>();
    services.AddScoped<PersistenceToDataModelConverter, PersistenceToDataModelConverter>();

    services.AddMvc(config =>
    {
        var policy = new AuthorizationPolicyBuilder()
                            .RequireAuthenticatedUser()
                            .Build();
        config.Filters.Add(new AuthorizeFilter(policy));
    });
}

＆＃39;＆＃39; services.AddMvc＆＃39;＆＃39;中的配置lamda是我发现的唯一一个工作，迫使调用者提供他的Windows凭据，我将在以后分析和显示基于他的个人资料的信息。如果这不是正确的方法，请告诉我。

我的控制器类

public VaultController(VaultRepository repository, UserResolverService currentuser, PersonalizationServiceClient personalizationService, PersistenceToDataModelConverter persistenceToDataModelConverter)
{
    this.repository = repository;
    this.currentuser = currentuser;
    this.personalizationService = personalizationService;
    this.persistenceToDataModelConverter = persistenceToDataModelConverter;
}

/// <summary>
/// The get profile.
/// </summary>
/// <returns>
/// The <see cref="IActionResult"/>.
/// </returns>
[HttpGet]
[Route("/Profile")]
[Produces(typeof(UserProfile))]
public IActionResult SearchProfile()
{
    try
    {
        if (!this.currentuser.IsAuthenticated)
        {
            throw new Exception("This service does not support anonymous calls.");
        }

        var profile = Task.Run(() => this.personalizationService.GetUserProfileAsync(this.currentuser.GetCurrentWindowsIdentityName)).Result;

        var userProfile = this.persistenceToDataModelConverter.Convert(profile);
        userProfile.UserAdLogin = this.currentuser.GetCurrentWindowsIdentityName;

        return this.Ok(userProfile);
    }
    catch (Exception ex)
    {
        return this.NotFound(ex);
    }
}

这是我得到的错误

Answer 1

您需要身份验证，但您的应用中没有任何auth中间件来处理它。您需要使用类似UseCookieAuthentication或UseJwtBearerAuthentication的内容。它在IIS中不会失败，因为IIS为Windows身份验证添加了中间件。

Answer 2

请设置

的值

options.AutomaticChallenge = true

应解决身份验证处理程序错误。

https://social.msdn.microsoft.com/Forums/en-US/d0b65153-4313-449d-8fb8-a861c3cf8bf7/aspnet-core-1-authentication-cookie-not-being-set-in-google-chrome-works-in-ie?forum=csharpgeneral

使用.NET Core自托管Web API的麻烦

2 个答案: