Windows Authentication with Chrome and IIS
来源:互联网 发布:写小说 软件 编辑:程序博客网 时间:2024/05/29 13:45
转载,留作以后查看
Recently I was tasked at work with creating a dashboard application for use on our intranet using ASP.Net MVC. Due to the need to track some user preferences, I set this up to use Windows Authentication so I would be automatically passed the credentials from the user’s Windows session. I developed the web app and tested it using IIS express on my local machine using both Internet Explorer and Google Chrome without issue. When it came time to deploy the site to our test cluster for some user feedback, this is where I discovered an issue around Windows Authentication with Chrome and IIS (Internet Explorer still worked fine).
When pulling up the site in Chrome I was greeted with “This webpage is not available”. Clicking on the more button revealed the error code: “ERR_INVALID_AUTH_CREDENTIALS”.
What Didn’t Work:
I remembered reading where Chrome uses the local intranet settings from Internet Explorer so I pulled up those settings to take a look. I tried specifically adding the new site to the local intranet zone with the dialog box shown below (Internet Options -> Security Tab -> Sites -> Advanced). Unfortunately, this didn’t help. When I refreshed Chrome I still had the “ERR_INVALID_AUTH_CREDENTIALS” error.
Back on the security tab in the internet options dialog, I clicked the “Custom Level” button and looked through all the settings. At the very bottom I found what looked like a promising setting under User Authentication -> Logon. By default, “Automatic logon only in Intranet zone” was selected. I changed that to the option below it that read, “Automatic logon with current user name and password”. Upon refreshing Chrome, I once again found I was still getting the “ERR_INVALID_AUTH_CREDENTIALS” error.
What Worked:
At this point I decided to start Googling around for some help. I found several StackOverflow questions that offered some suggestions, but none of them seemed to work. Eventually I stumbled across the suggestion of removing “Negotiate” from the enabled providers in IIS for the site. I gave it a shot, and this is what ended up solving the issue for me.
Here’s how to make the change: Navigate to your site/application in IIS and select it by clicking on it. This should show a list of options in the “features view” on the right hand side of the screen. Find “Authentication” and double click on it.
You should now see a list of different authentication types. Click on Windows Authentication to select it and then click on Providers in the Action section of the right hand column.
This will pop-up a dialog showing the enabled providers. I tried adjusting the negotiate provider’s priority by moving it down the list, but that didn’t seem to have any effect. Remove the “Negotiate” provider by clicking on it in the list to select it and then clicking on Remove.
Click the Ok button on the dialog to close it down and then refresh your site in Chrome.
Version Information:
Google Chrome v33
Internet Explorer v11
IIS v7.5
- Windows Authentication with Chrome and IIS
- Windows Integrated Authentication in the combination of IIS and Tomcat
- Kerberos authentication may problem with IIS
- Configure FTP with IIS 7 Manager Authentication
- Strong Authentication with One-Time Passwords in Windows 7 and Windows Server 2008 R2
- Configure FTP with IIS Manager Authentication in IIS 7
- Configure FTP with IIS Manager Authentication in IIS 7
- IIS 提示 <authentication mode="Windows" /> 错误
- Login failed. The login is from an untrusted domain and cannot be used with Windows authentication.
- Login failed. The login is from an untrusted domain and cannot be used with Windows authentication.
- Custom Authentication and Encryption with WCF
- Rails Authentication with Devise and CanCan
- Run Android apps in Windows, OS X, Linux with Chrome (and a modified runtime)
- Apache and Subversion authentication with Microsoft Active Directory LDAP
- How to set up tomcat with server authentication and client certificate authentication enabled
- Authentication in IIS
- Working with windows in chrome code
- UsernameToken Authentication with Rampart
- 去除Linux多余的内核(fedora、ubuntu)
- Java多线程的两种实现方式的区别以及同步问题中的锁对象深刻解析
- maven in action(四)maven坐标和依赖
- 优化php执行效率的40条小技巧
- C++第三章
- Windows Authentication with Chrome and IIS
- 01-背包问题---Bone Collector
- Android客户端程序通过Web Service实现对服务器端数据库的查询
- I2C组件(新)
- 关于java.lang.OutOfMemoryError: PermGen space问题的解决办法
- hibernate4 DetachedCriteriaBuilder的基本案例
- 【数据库之事务(一)】事务是什么,以及事务四个特性,以及事务并发问题和隔离级别
- Maven生命周期
- Where is my java?