我遇到了一个奇怪的问题。我有一个部署到Azure的.Net应用程序,它使用Azure ACS进行身份验证。当项目设置为Web应用程序时,我们主要提供静态.html和.js文件。问题是当用户直接访问我们的根URL时,用户被重定向到仅通过ACS进行身份验证。
例如,我通过Azure模拟器在本地设置了此项。如果用户转到127.0.0.1:81/,则会将其重定向到登录,但如果他们直接转到127.0.0.1:81/Index.html,则可以加载页面而不会重定向到ACS。 (尽管在页面加载到.svc服务期间后续的.js调用失败)
这是我的web.config文件:
<?xml version="1.0" encoding="utf-8"?>
<!--
For more information on how to configure your ASP.NET application, please visit
http://go.microsoft.com/fwlink/?LinkId=169433
-->
<configuration>
<configSections>
<section name="microsoft.identityModel" type="Microsoft.IdentityModel.Configuration.MicrosoftIdentityModelSection, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
</configSections>
<location path="FederationMetadata">
<system.web>
<authorization>
<allow users="*" />
</authorization>
</system.web>
</location>
<system.web>
<httpRuntime requestValidationMode ="2.0"/>
<authorization>
<deny users="?" />
</authorization>
<authentication mode="None" />
<compilation debug="true" targetFramework="4.0">
<assemblies>
<add assembly="System.Data.Entity, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
<add assembly="Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
</assemblies>
</compilation>
</system.web>
<connectionStrings>
<add name="ExperienceBrowserEntities" connectionString="metadata=res://*/ExperienceBrowser.csdl|res://*/ExperienceBrowser.ssdl|res://*/ExperienceBrowser.msl;provider=System.Data.SqlClient;provider connection string="Data Source=tmbwb1mnyn.database.windows.net;Initial Catalog=ExperienceBrowser;Persist Security Info=True;User ID=ExperienceBrowserUser;Password=XXXXXXXX;MultipleActiveResultSets=True;Application Name=EntityFramework"" providerName="System.Data.EntityClient" />
</connectionStrings>
<system.serviceModel>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" />
</system.serviceModel>
<appSettings>
<add key="FederationMetadataLocation" value="https://appCentral.accesscontrol.windows.net/FederationMetadata/2007-06/FederationMetadata.xml" />
</appSettings>
<system.webServer>
<modules>
<add name="WSFederationAuthenticationModule" type="Microsoft.IdentityModel.Web.WSFederationAuthenticationModule, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" preCondition="managedHandler" />
<add name="SessionAuthenticationModule" type="Microsoft.IdentityModel.Web.SessionAuthenticationModule, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" preCondition="managedHandler" />
</modules>
</system.webServer>
<microsoft.identityModel>
<service>
<audienceUris>
<add value="http://127.0.0.1:81/" />
</audienceUris>
<federatedAuthentication>
<wsFederation passiveRedirectEnabled="true" issuer="https://appCentral.accesscontrol.windows.net/v2/wsfederation" realm="http://127.0.0.1:81/" requireHttps="false" />
<cookieHandler requireSsl="false" />
</federatedAuthentication>
<applicationService>
<claimTypeRequired>
<!--Following are the claims offered by STS 'https://appCentral.accesscontrol.windows.net/'. Add or uncomment claims that you require by your application and then update the federation metadata of this application.-->
<claimType type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" optional="true" />
<claimType type="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" optional="true" />
<!--<claimType type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/accesscontrolservice/2010/07/claims/identityprovider" optional="true" />-->
</claimTypeRequired>
</applicationService>
<issuerNameRegistry type="Microsoft.IdentityModel.Tokens.ConfigurationBasedIssuerNameRegistry, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35">
<trustedIssuers>
<add thumbprint="D6DAB54F4A47E88FFF206E6796A3367DA6033B0C" name="https://appCentral.accesscontrol.windows.net/" />
</trustedIssuers>
</issuerNameRegistry>
<certificateValidation certificateValidationMode="None" />
</service>
</microsoft.identityModel>
</configuration>
答案 0 :(得分:0)
认为您需要在IIS中添加要由ASP.NET处理的扩展。这个答案不是基于Azure。我不得不使用常规的IIS和ASP.NET来做这件事。如果它在Azure中不起作用,请告诉我,我将删除答案。
“文件扩展名到ASP.NET的映射是在Internet Information Services(IIS)中完成的。默认情况下,.aspx页面由ASP.NET运行,.htm和.html页面不是。”