如何禁用IIS Express所有身份验证?

wlzqhblo  于 2023-10-19  发布在  其他
关注(0)|答案(1)|浏览(169)

对于Windows 7上的IIS express 8.0,我在applicationhost.config文件中设置了有关身份验证的设置。

<authentication>

        <anonymousAuthentication enabled="false" />

        <basicAuthentication enabled="false" />

        <clientCertificateMappingAuthentication enabled="false" />

        <digestAuthentication enabled="false" />

        <iisClientCertificateMappingAuthentication enabled="false">
        </iisClientCertificateMappingAuthentication>

        <windowsAuthentication enabled="true">
            <providers>
                <add value="Negotiate" />
                <add value="NTLM" />
            </providers>
        </windowsAuthentication>
    </authentication>

当我< windowsAuthentication enabled="true" >,我得到了一个弹出框提示窗口帐户和密码.我进去了,一切都很好。
但是,我想禁用所有身份验证,因为这是内部使用的。所以,我先禁用了Windows身份验证。然后尝试< anonymousAuthentication enabled="true" />,我得到了401.2错误连同消息“访问被拒绝".如果我更改为< anonymousAuthentication enabled="false" / >,我得到了相同的401.2错误,但不同的是,从浏览器更多的行:

HTTP Error 401.2 - Unauthorized
You are not authorized to view this page due to invalid authentication headers.
Most likely causes:
•No authentication protocol (including anonymous) is selected in IIS.
•Only integrated authentication is enabled, and a client browser was used that does not support integrated authentication.
•Integrated authentication is enabled and the request was sent through a proxy that changed the authentication headers before they reach the Web server.
•The Web server is not configured for anonymous access and a required authorization header was not received.
•The "configuration/system.webServer/authorization" configuration section may be explicitly denying the user access.
Things you can try:
•Verify the authentication setting for the resource and then try requesting the resource using that authentication method.
•Verify that the client browser supports Integrated authentication.
•Verify that the request is not going through a proxy when Integrated authentication is used.
•Verify that the user is not explicitly denied access in the "configuration/system.webServer/authorization" configuration section.
•Check the failed request tracing logs for additional information about this error. For more information, click here. 
More Information:
This error occurs when the WWW-Authenticate header sent to the Web server is not supported by the server configuration. Check the authentication method for the resource, and verify which authentication method the client used. The error occurs when the authentication methods are different. To determine which type of authentication the client is using, check the authentication settings for the client. 
View more information »

我该怎么办?我想在没有任何身份验证的情况下访问该页面。

lc8prwob

lc8prwob1#

我解决了。后

<windowsAuthentication enabled="false" />
<anonymousAuthentication enabled="true" />

我在网上发现了另一个我以前不知道的配置,web.xml。我的web.config中的行是:

<deny users="?" />

我把它改成了:

<allow users="?" />

现在一切都好了

相关问题