無法在IIS

Question

運行IdentityServer3我從here下載了IdentityServer的代碼。在IIS Express中運行IdentityServer3 \ Host.Web解決方案時，我可以使用TokenClient.RequestResourceOwnerPasswordAsync方法從控制檯客戶端進行身份驗證。

但是，只要我切換IdentityServer3 \ Host.Web直接IIS下運行，我得到以下錯誤：

HTTP Error 401.1 - Unauthorized 
You do not have permission to view this directory or page using the credentials that you supplied. 
Most likely causes: 
- The username supplied to IIS is invalid. 
- The password supplied to IIS was not typed correctly. 
- Incorrect credentials were cached by the browser. 
- IIS could not verify the identity of the username and password provided. 
- The resource is configured for Anonymous authentication, but the configured anonymous account either has an invalid password or was disabled. 
- The server is configured to deny login privileges to the authenticating user or the group in which the user is a member. 
- Invalid Kerberos configuration may be the cause if all of the following are true: 
    - Integrated authentication was used. 
    - the application pool identity is a custom account. 
    the server is a member of a domain. 

我有什麼以不同的配置來獲得IdentityServer3到IIS下工作嗎？

Answer 1

解決方案1：

它看起來像一個解決方案是改變身份驗證類型PostValues：

var client = new TokenClient(
      authenticationUrl, 
      "carbon", 
      "21B5F798-BE55-42BC-8AA8-0025B903DC3B", 
      AuthenticationStyle.PostValues); 

var token = await client.RequestResourceOwnerPasswordAsync("bob", "secret", "api1"); 

請注意，您必須設置AuthenticationStyle在構造函數中。在構造之後設置它是有問題的，因爲驗證頭是在構造函數中有條件地創建的。

解決方案2：

禁用 「基本身份驗證」，在IIS設置。