我为IdentityServer4创建了一个新项目,并包含了QuickUI。然后我按照链接http://docs.identityserver.io/en/latest/topics/windows.html添加Windows身份验证。
startup.cs
public class Startup
{
public void ConfigureServices(IServiceCollection services)
{
services.AddMvc();
services.AddIdentityServer()
.AddDeveloperSigningCredential()
.AddTestUsers(Config.GetUsers())
.AddInMemoryIdentityResources(Config.GetIdentityResources())
.AddInMemoryClients(Config.GetClients());
services.Configure<IISOptions>(iis =>
{
iis.AuthenticationDisplayName = "Windows";
iis.AutomaticAuthentication = false;
});
}
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
if (env.IsDevelopment()) { app.UseDeveloperExceptionPage(); }
app.UseIdentityServer();
app.UseStaticFiles();
app.UseMvcWithDefaultRoute();
}
}
Program.cs中
public class Program
{
public static void Main(string[] args) => CreateWebHostBuilder(args).Build().Run();
public static IWebHostBuilder CreateWebHostBuilder(string[] args) =>
WebHost.CreateDefaultBuilder(args)
.UseKestrel()
.UseContentRoot(Directory.GetCurrentDirectory())
.UseIISIntegration()
.UseStartup<Startup>();
}
但是,外部登录按钮仍未显示在页面https://localhost:44378/Account/Login中。我发现DisplayName
的await _schemeProvider.GetAllSchemesAsync()
是空的而schema.Name
是idsrv.external
而不是Windows
(AccountOptions.WindowsAuthenticationSchemeName
)。
AccountController.cs
private async Task<LoginViewModel> BuildLoginViewModelAsync(string returnUrl)
var schemes = await _schemeProvider.GetAllSchemesAsync();
var providers = schemes
.Where(x => x.DisplayName != null || // schemes.DisplayName is null
(x.Name.Equals(AccountOptions.WindowsAuthenticationSchemeName, // "idsrv.external" != "Windows"
StringComparison.OrdinalIgnoreCase))
)
.Select(x => new ExternalProvider
{
DisplayName = x.DisplayName,
AuthenticationScheme = x.Name
}).ToList();
如何解决问题?
顺便说一句,我只需要对Windows / AD进行身份验证,所以我不需要外部按钮。如何更改代码?
它需要禁用“匿名身份验证”并启用“Windows身份验证”。