首页 新闻 搜索 专区 学院

Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'

0
悬赏园豆:50 [已关闭问题] 关闭于 2010-08-14 20:05

我做了几个页面放到了sharepoint的目录C:\Program Files\Common Files\Microsoft Shared\web server extensions\12\TEMPLATE\LAYOUTS 里,然后在MOss前台建了几个LInk来访问,这几个页面访问了另外一个数据库,但一打开报这个匿名登录的错。

奇怪的是我明明已经在Application Pool里设置了一个高权限的用户啊,那么这个匿名用户是哪来的呢? 我就使用的是默认NTLM认证。

大家帮忙看看...  不胜感激。。。

彷徨......的主页 彷徨...... | 初学一级 | 园豆:55
提问于:2010-08-13 17:40
< >
分享
所有回答(1)
0

你打开页面的时候没弹出索要 windows 凭据的窗体?

Launcher | 园豆:45045 (高人七级) | 2010-08-13 17:43
是这样子的,一进入moss会弹出认证窗口的,在我正常输入后,里边有个Link会指向我的页面。
支持(0) 反对(0) 彷徨...... | 园豆:55 (初学一级) | 2010-08-13 18:36
@彷徨......:那就是你正常登录了,但是通过Link跳转的时候没有把session传递过去。
支持(0) 反对(0) Launcher | 园豆:45045 (高人七级) | 2010-08-14 19:37
肯定不是session的问题。 我想我是找到答案了 It sounds like you've encountered what is known as the "double hop" problem. This is a problem that occurs if you are building your own web parts in SharePoint and you are trying to access a database that is installed on a separate database server with the current user's credentials. Windows is not able to pass the user's credentials from the SharePoint server to the SQL Server if you are using NTLM authentication. You can do a couple of things to get rid of the "double hop" issue. Which one is the best depends on your specific scenario. 1. You can use RunWithElevatedPermissions in your code. This runs the code within that code block under the application pool account. This will get rid of the hop issue, but it will access the SQL database as the application pool account of your SharePoint web application, so that will only work in some scenarios. 2. Another solution is that you can use Kerberos to authenticate against your web application and turn on delegation. If you use delegation the web application that you are running your web part from will delegate the user's credentials to, for instance, the SQL Server. Because the credentials are delegated the credentials will be passed to the SQL Server without a problem and you will get rid of the double hop issue. A good resource on delegation can be found here http://www.adopenstatic.com/cs/blogs/ken/archive/2007/01/28/1282.aspx. Note that in order for your SharePoint web application to use Kerberos authentication you have to configure that on your web application http://technet.microsoft.com/en-us/library/cc263449.aspx. 3. This one isn't recommended in most cases, as it is less secure, but theoratically you could use SQL authentication to authenticate against the database. As you are passing SQL credentials in the connection string no double hop issue will occur here either. This would however require you to turn on SQL authentication on the SQL Server and
支持(0) 反对(0) 彷徨...... | 园豆:55 (初学一级) | 2010-08-14 20:05
用SQL身份验证,别用Windows身份验证. 用Windows身份验证的话,就在代码里使用Windows身份模拟为当前执行线程分配Identity,然后再打开数据库.
支持(0) 反对(0) Launcher | 园豆:45045 (高人七级) | 2010-08-16 14:05

@Launcher: 我也遇到了这个问题,我想知道如何模拟windows身份验证,有的server由于安全不允许开混合身份验证。大神,帮帮忙吧?

支持(0) 反对(0) 空明流光 | 园豆:74 (初学一级) | 2015-03-26 15:08
清除回答草稿
   您需要登录以后才能回答,未注册用户请先注册