asp.net权限认证：域认证

1.web.config配置文件

<configuration>

  <system.web>

    <authentication mode=\"Windows\" />

  </system.web>

</configuration>

2.IIS身份认证中关闭其他认证，只保留“Windows身份认证”　

3.设置显示域认证的登录框

调整浏览器的设置

然后浏览器就是显示出

4. 项目通过IIS拿到domainUserName，然后剩下的操作获取用户权限等，就跟Forms认证是一样了,当然了，我们还可以获取更加详细的用户信息

  protected void Page_Load(  sender, EventArgs e)

        {

            var domainUserName = System.Web.HttpContext.Current.User.Identity.Name;

            var authenticationType = System.Web.HttpContext.Current.User.Identity.AuthenticationType;

            Response.Write(\"域账号：\" + domainUserName + \"<br/>\");

            Response.Write(\"认证类型：\" + authenticationType + \"<br/>\");

            var user = this.GetUserInfo(domainUserName);

            if (user != null)

            {

                Response.Write(\"登录名：\" + user.SAMAccountName + \"<br/>\");

                Response.Write(\"短名称：\" + user.GivenName + \"<br/>\");

                Response.Write(\"名称：\" + user.CN + \"<br/>\");

                Response.Write(\"邮件：\" + user.Email + \"<br/>\");

            }

        }

        private UserInfo GetUserInfo(string domainUserName)

        {

            try

            {

                if (string.IsNullOrEmpty(domainUserName))

                {

                    return null;

                }

                var userArr = domainUserName.Split(\'\\\\\');

                var domain = userArr[0];

                var loginName = userArr[1];

                var entry = new DirectoryEntry(string.Concat(\"LDAP://\", domain));

                var search = new DirectorySearcher(entry);

                search.Filter = string.Format(\"(SAMAccountName={0})\", loginName);

                search.PropertiesToLoad.Add(\"SAMAccountName\");

                search.PropertiesToLoad.Add(\"givenName\");

                search.PropertiesToLoad.Add(\"cn\");

                search.PropertiesToLoad.Add(\"mail\");

                var result = search.FindOne();

                if (result != null)

                {

                    var info = new UserInfo();

                    info.SAMAccountName = result.Properties[\"SAMAccountName\"][0].ToString();

                    info.GivenName = result.Properties[\"givenName\"][0].ToString();

                    info.CN = result.Properties[\"cn\"][0].ToString();

                    info.Email = result.Properties[\"mail\"][0].ToString();

                    return info;

                }

            }

            catch

            { }

            return null;

        }

        public sealed class UserInfo

        {

            public string SAMAccountName;

            public string GivenName;

            public string CN;

            public string Email;

        }