Question

我有一个在用户通过身份验证后工作正常的脚本：

[MobileAppController]
public class TestController : ApiController
{
// GET api/Test
[HttpGet, Route("api/Test/completeAll")]
public string Get()
{
    MobileAppSettingsDictionary settings = this.Configuration.GetMobileAppSettingsProvider().GetMobileAppSettings();
    ITraceWriter traceWriter = this.Configuration.Services.GetTraceWriter();

        string host = settings.HostName ?? "localhost";
        string greeting = "Hello from " + host;

        traceWriter.Info(greeting);
        return greeting;
    }

    // POST api/values
    [HttpPost, Route("api/Test/completeAll")]
    public string Post(string hej)
    {
        string retVal = "Hello World!" + hej;
        return retVal;
    }
}
}

可以看出，我没有添加属性[Authorize]，这是要求身份验证的新方法see controller on this link。并且在同一链接中声明控制器现在是匿名的。

但是，如果我在验证之前尝试访问控制器，则会拒绝访问，但在验证后它可以正常工作。

任何人都可以澄清这个吗？

更新

根据this link我不应该更改任何内容因为安装了快速入门。它仍然无法正常工作：/

Answer 1

Do you have the Azure App Service Authentication / Authorization set to require authentication for all requests?

Go to you App Service in the Azure Portal
All Settings -> Authentication / Authorization (under FEATURES)
Under "Action to take when request is not authenticated", set to "Allow request (no action)"

This will let the application control the authorization rather than the service.

Azure App Service未经授权的用户访问控制器

1 个答案: