使用 Docker 进行 ASP.NET Core Windows 身份验证

Question

我正在尝试按照此答案中的步骤创建一个在 docker 上运行并具有 Windows 身份验证的 asp.net core Web 应用程序。

我已将项目上传到谷歌驱动器，如果您想下载它：谷歌驱动器链接

项目信息：

• ASP.Net 核心 Web 应用程序
• .net 5.0框架
• 窗口身份验证
• 码头工人支持（Linux）
• 在 Windows 10 上使用 Visual Studio 2019 社区 (16.10.2) 创建。

我的步骤：

• 添加了 HomeController + 视图
• 安装Microsoft.AspNetCore.Authentication.Negotiate包
• 添加services.AddAuthentication(NegotiateDefaults.AuthenticationScheme).AddNegotiate();到ConfigureServices
• 添加app.UseAuthentication();到Configure

行为（调试模式，docker）：

我可以在不输入我的凭据的情况下进入应用程序并且User.Identity.Name为空。我Microsoft.AspNetCore.Authorization.AuthorizeAttribute在家庭控制器上添加了该属性，因此现在我可以输入我的凭据，但是一旦我收到以下错误：

GssApiException：GSSAPI 操作失败并出现错误 - 未指定的 GSS 故障。次要代码可能会提供更多信息（Keytab FILE:/etc/krb5.keytab 不存在或为空）。

Microsoft.AspNetCore.Authentication.Negotiate.NegotiateHandler.HandleRequestAsync() Microsoft.AspNetCore.Authentication.Negotiate.NegotiateHandler.HandleRequestAsync() Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext 上下文) Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware.Invoke(HttpContext语境）

我不确定问题是什么（或者这是否是正确的方法），所以我希望了解一些关于如何做到这一点的观点。我在下面包含了该项目的相关文件。

启动.cs

using Microsoft.AspNetCore.Authentication.Negotiate;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;

namespace DockerTest {
    public class Startup {
        public Startup(IConfiguration configuration) {
            Configuration = configuration;
        }

        public IConfiguration Configuration { get; }

        public void ConfigureServices(IServiceCollection services) {
            services.AddRazorPages();
            services.AddAuthentication(NegotiateDefaults.AuthenticationScheme).AddNegotiate();
        }

        public void Configure(IApplicationBuilder app, IWebHostEnvironment env) {
            app.UseDeveloperExceptionPage(); // removed other case to save space

            app.UseHttpsRedirection();
            app.UseStaticFiles();

            app.UseRouting();

            app.UseAuthentication();
            app.UseAuthorization();

            app.UseEndpoints(endpoints => {
                endpoints.MapControllerRoute(
                    name: "default",
                    pattern: "{controller=Home}/{action=Index}/{id?}");
            });
        }
    }
}

程序.cs

using Microsoft.AspNetCore.Hosting;
using Microsoft.Extensions.Hosting;

namespace DockerTest {
    public class Program {
        public static void Main(string[] args) {
            CreateHostBuilder(args).Build().Run();
        }

        public static IHostBuilder CreateHostBuilder(string[] args) => Host.CreateDefaultBuilder(args).ConfigureWebHostDefaults(webBuilder => { webBuilder.UseStartup<Startup>(); });
    }
}

HomeController.cs

using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;

namespace DockerTest.Controllers {
    [Route("[controller]")]
    [Authorize]
    public class HomeController : Controller {
        [Route("/")]
        [Route("/Home")]
        [Route("/Home/Index")]
        public IActionResult Index() {
            return View();
        }
    }
}

DockerFile（由 vs 创建）

#See https://aka.ms/containerfastmode to understand how Visual Studio uses this Dockerfile to build your images for faster debugging.

FROM mcr.microsoft.com/dotnet/aspnet:5.0 AS base
WORKDIR /app
EXPOSE 80
EXPOSE 443

FROM mcr.microsoft.com/dotnet/sdk:5.0 AS build
WORKDIR /src
COPY ["DockerTest/DockerTest.csproj", "DockerTest/"]
RUN dotnet restore "DockerTest/DockerTest.csproj"
COPY . .
WORKDIR "/src/DockerTest"
RUN dotnet build "DockerTest.csproj" -c Release -o /app/build

FROM build AS publish
RUN dotnet publish "DockerTest.csproj" -c Release -o /app/publish

FROM base AS final
WORKDIR /app
COPY --from=publish /app/publish .
ENTRYPOINT ["dotnet", "DockerTest.dll"]