如何在IIS上托管BOT Framework V4 BOT

时间:2019-01-10 06:38:55

标签: azure iis botframework bots azure-bot-service

我在IIS上托管我的BOT Framework V4 BOT。 服务器配置如下

  1. Windows Server 2012 R2
  2. IIS 8.5

我还安装了dotnet-hosting-2.2.1-win.exe,这对于托管BOT V4是必不可少的。我已将应用程序池设置为“无托管代码”。 我已经设置了Startup.cs文件所在的文件夹的路径。 另外,请找到由BOT生成的日志的附件。 仍然无法正常工作,错误如下所示:

HTTP错误403.14-禁止 Web服务器被配置为不列出此目录的内容。

Detailed Error Information:
Module     DirectoryListingModule
Notification       ExecuteRequestHandler
Handler    StaticFile
Error Code     0x00000000
Requested URL      https://myServer/ConfRoomBOT/
Physical Path      ProjectPath
Logon Method       Anonymous
Logon User     Anonymous
Request Tracing Directory      C:\inetpub\logs\FailedReqLogFiles

下面是web.config代码

<?xml version="1.0" encoding="utf-8"?>
<configuration>
  <location path="." inheritInChildApplications="false">
    <system.webServer>
      <handlers>
        <add name="aspNetCore" path="*" verb="*" modules="AspNetCoreModule" resourceType="Unspecified" />
      </handlers>
      <aspNetCore processPath="dotnet" arguments=".\ConfRoom.dll" stdoutLogEnabled="true" stdoutLogFile=".\logs\stdout" />
    </system.webServer>
  </location>
  <system.net>
     <defaultProxy useDefaultCredentials="false">
        <proxy usesystemdefault="False" proxyaddress="http://xx.xxx.xx.xxx:8080" bypassonlocal="True" />
      </defaultProxy>
  </system.net>
</configuration>

下面是BOT生成的日志

  

托管环境:生产内容根路径:   E:\ Project \ DotNetCoreApps \ ConfRoomPub \ WithPII \ publish现在收听   on:http://127.0.0.1:41826应用程序已启动。按Ctrl + C关闭   下。信息:Microsoft.AspNetCore.Hosting.Internal.WebHost [1]         请求启动HTTP / 1.1 GET http://example.com/ConfRoom/信息:Microsoft.AspNetCore.Hosting.Internal.WebHost [1]         请求启动HTTP / 1.1 GET http://example.com/ConfRoom/信息:Microsoft.AspNetCore.StaticFiles.StaticFileMiddleware [2]         正在发送文件。请求路径:“ / default.htm”。物理路径:“ E:\ Project \ DotNetCoreApps \ ConfRoomPub \ WithPII \ publish \ wwwroot \ default.htm”   信息:Microsoft.AspNetCore.StaticFiles.StaticFileMiddleware [6]         文件/default.htm未被修改的信息:Microsoft.AspNetCore.Hosting.Internal.WebHost [2]         请求已完成184.4402ms 304文本/ html信息:Microsoft.AspNetCore.Hosting.Internal.WebHost [2]         请求已完成188.1919ms 200 text / html信息:Microsoft.AspNetCore.Hosting.Internal.WebHost [1]         请求启动HTTP / 1.1 POST http://example.com/ConfRoom/api/messages application / json;   charset = utf-8 373信息:   Microsoft.AspNetCore.Hosting.Internal.WebHost [1]         请求启动HTTP / 1.1 POST http://example.com/ConfRoom/api/messages application / json;   charset = utf-8 359失败:Microsoft.AspNetCore.Server.Kestrel [13]         连接ID“ 0HLJNNKCOIPS7”,请求ID“ 0HLJNNKCOIPS7:00000002”:客户端抛出未处理的异常   应用。 System.InvalidOperationException:IDX20803:无法执行   从以下位置获取配置:   'https://login.botframework.com/v1/.well-known/openidconfiguration'。   ---> System.IO.IOException:IDX20804:无法从以下位置检索文档:   'https://login.botframework.com/v1/.well-known/openidconfiguration'。   ---> System.Net.Http.HttpRequestException:连接尝试失败,因为经过一段时间后被连接方未正确响应   时间或建立的连接失败,因为连接的主机具有   未能回应   ---> System.Net.Sockets.SocketException:连接尝试失败,因为经过一段时间后被连接方未正确响应   时间或建立的连接失败,因为连接的主机具有   未能回应   System.Net.Http.ConnectHelper.ConnectAsync(字符串主机,Int32端口,   CancellationToken cancellingToken)-内部异常结束   堆栈跟踪---   System.Net.Http.ConnectHelper.ConnectAsync(字符串主机,Int32端口,   的CancellationToken cancelToken()   System.Threading.Tasks.ValueTask 1.get_Result() at System.Net.Http.HttpConnectionPool.CreateConnectionAsync(HttpRequestMessage request, CancellationToken cancellationToken) at System.Threading.Tasks.ValueTask 1.get_Result()位于   System.Net.Http.HttpConnectionPool.WaitForCreatedConnectionAsync(ValueTask 1 creationTask) at System.Threading.Tasks.ValueTask 1.get_Result()
  在   System.Net.Http.HttpConnectionPool.SendWithRetryAsync(HttpRequestMessage   request,布尔值doRequestAuth,CancellationToken cancelledToken)
  在System.Net.Http.RedirectHandler.SendAsync(HttpRequestMessage   的请求,在   System.Net.Http.HttpClient.FinishSendAsyncBuffered(任务1 sendTask, HttpRequestMessage request, CancellationTokenSource cts, Boolean disposeCts) at Microsoft.IdentityModel.Protocols.HttpDocumentRetriever.GetDocumentAsync(String address, CancellationToken cancel) --- End of inner exception stack trace --- at Microsoft.IdentityModel.Protocols.HttpDocumentRetriever.GetDocumentAsync(String address, CancellationToken cancel) at Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectConfigurationRetriever.GetAsync(String address, IDocumentRetriever retriever, CancellationToken cancel) at Microsoft.IdentityModel.Protocols.ConfigurationManager 1.GetConfigurationAsync(CancellationToken   取消)-内部异常堆栈跟踪的结尾-在   Microsoft.IdentityModel.Protocols.ConfigurationManager 1.GetConfigurationAsync(CancellationToken cancel) at Microsoft.IdentityModel.Protocols.ConfigurationManager 1.GetConfigurationAsync()   在   Microsoft.Bot.Connector.Authentication.JwtTokenExtractor.ValidateTokenAsync(String   jwtToken,字符串channelId)在   Microsoft.Bot.Connector.Authentication.JwtTokenExtractor.GetIdentityAsync(String   方案,字符串参数,字符串channelId)   Microsoft.Bot.Connector.Authentication.JwtTokenExtractor.GetIdentityAsync(String   AuthorizationHeader,字符串channelId),位于   Microsoft.Bot.Connector.Authentication.ChannelValidation.AuthenticateChannelToken(字符串   authHeader,ICredentialProvider凭据,HttpClient,httpClient,   字符串channelId)在   Microsoft.Bot.Connector.Authentication.ChannelValidation.AuthenticateChannelToken(字符串   authHeader,ICredentialProvider凭据,字符串serviceUrl,   HttpClient httpClient,字符串channelId)   Microsoft.Bot.Connector.Authentication.JwtTokenValidation.ValidateAuthHeader(String   authHeader,ICredentialProvider凭据,IChannelProvider   channelProvider,字符串channelId,字符串serviceUrl,HttpClient   httpClient)   Microsoft.Bot.Connector.Authentication.JwtTokenValidation.AuthenticateRequest(IActivity   活动,字符串authHeader,ICredentialProvider凭据,   IChannelProvider提供程序,HttpClient httpClient),网址为   Microsoft.Bot.Builder.BotFrameworkAdapter.ProcessActivityAsync(String   authHeader,Activity活动,BotCallbackHandler回调,   的CancellationToken cancelToken()   Microsoft.Bot.Builder.Integration.AspNet.Core.Handlers.BotMessageHandler.ProcessMessageRequestAsync(HttpRequest   请求,IAdapterIntegration适配器,BotCallbackHandler   botCallbackHandler,CancelationToken cancelToken),位于   Microsoft.Bot.Builder.Integration.AspNet.Core.Handlers.BotMessageHandlerBase.HandleAsync(HttpContext   httpContext)   Microsoft.AspNetCore.Builder.Extensions.MapMiddleware.Invoke(HttpContext   上下文)   Microsoft.AspNetCore.Server.IISIntegration.IISMiddleware.Invoke(HttpContext   httpContext)   Microsoft.AspNetCore.Builder.Extensions.UsePathBaseMiddleware.Invoke(HttpContext   上下文)   Microsoft.AspNetCore.Server.Kestrel.Core.Internal.Http.HttpProtocol.ProcessRequests [TContext](IHttpApplication 1 application) fail: Microsoft.AspNetCore.Server.Kestrel[13] Connection id "0HLJNNKCOIPS6", Request id "0HLJNNKCOIPS6:00000002": An unhandled exception was thrown by the application. System.InvalidOperationException: IDX20803: Unable to obtain configuration from: 'https://login.botframework.com/v1/.well-known/openidconfiguration'.
at Microsoft.IdentityModel.Protocols.ConfigurationManager
1.GetConfigurationAsync(CancellationToken   取消)   Microsoft.IdentityModel.Protocols.ConfigurationManager 1.GetConfigurationAsync() at Microsoft.Bot.Connector.Authentication.JwtTokenExtractor.ValidateTokenAsync(String jwtToken, String channelId) at Microsoft.Bot.Connector.Authentication.JwtTokenExtractor.GetIdentityAsync(String scheme, String parameter, String channelId) at Microsoft.Bot.Connector.Authentication.JwtTokenExtractor.GetIdentityAsync(String authorizationHeader, String channelId) at Microsoft.Bot.Connector.Authentication.ChannelValidation.AuthenticateChannelToken(String authHeader, ICredentialProvider credentials, HttpClient httpClient, String channelId) at Microsoft.Bot.Connector.Authentication.ChannelValidation.AuthenticateChannelToken(String authHeader, ICredentialProvider credentials, String serviceUrl, HttpClient httpClient, String channelId) at Microsoft.Bot.Connector.Authentication.JwtTokenValidation.ValidateAuthHeader(String authHeader, ICredentialProvider credentials, IChannelProvider channelProvider, String channelId, String serviceUrl, HttpClient httpClient) at Microsoft.Bot.Connector.Authentication.JwtTokenValidation.AuthenticateRequest(IActivity activity, String authHeader, ICredentialProvider credentials, IChannelProvider provider, HttpClient httpClient) at Microsoft.Bot.Builder.BotFrameworkAdapter.ProcessActivityAsync(String authHeader, Activity activity, BotCallbackHandler callback, CancellationToken cancellationToken) at Microsoft.Bot.Builder.Integration.AspNet.Core.Handlers.BotMessageHandler.ProcessMessageRequestAsync(HttpRequest request, IAdapterIntegration adapter, BotCallbackHandler botCallbackHandler, CancellationToken cancellationToken) at Microsoft.Bot.Builder.Integration.AspNet.Core.Handlers.BotMessageHandlerBase.HandleAsync(HttpContext httpContext) at Microsoft.AspNetCore.Builder.Extensions.MapMiddleware.Invoke(HttpContext context) at Microsoft.AspNetCore.Server.IISIntegration.IISMiddleware.Invoke(HttpContext httpContext) at Microsoft.AspNetCore.Builder.Extensions.UsePathBaseMiddleware.Invoke(HttpContext context) at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.Http.HttpProtocol.ProcessRequests[TContext](IHttpApplication 1   应用程序)信息:Microsoft.AspNetCore.Hosting.Internal.WebHost [2]         请求完成于21679.9889ms 500信息:Microsoft.AspNetCore.Hosting.Internal.WebHost [2]         请求完成于14958.2414ms 500信息:Microsoft.AspNetCore.Hosting.Internal.WebHost [1]         请求启动HTTP / 1.1 POST http://127.0.0.1:41826/CONFROOM/iisintegration 0信息:   Microsoft.AspNetCore.Hosting.Internal.WebHost [2]         请求已在0.373毫秒内完成202应用程序正在关闭...

请帮助。 谢谢。

3 个答案:

答案 0 :(得分:0)

我认为Drew Marsh在他的回复中发现了问题,这很可能是web.config问题。

如果要在IIS中托管.net核心应用程序,则IIS仍将在应用程序目录中需要一个web.config,这将至少具有处理程序映射和aspNetCore路径。

基本上,IIS必须知道该应用程序是.net核心应用程序以及要运行的代码。

我可能是错的,但是看起来它像对待静态文件一样对待一切。

I get this error if I remove the web.config from a working .net core app hosted in IIS.

看起来几乎与您的错误相同,而我犯了类似的错误。

通常,我很幸运地将我的项目发布为IIS Web部署程序包。这往往会创建所有必要的位。

正在运行的web.confg可能看起来像这样。

<configuration>
      <system.webServer>
        <handlers>
          <add name="aspNetCore" path="*" verb="*" modules="AspNetCoreModule" resourceType="Unspecified" />
        </handlers>
        <aspNetCore processPath="dotnet" arguments=".\blagh.dll" stdoutLogEnabled="false" stdoutLogFile=".\logs\stdout" />
      </system.webServer>
</configuration>

答案 1 :(得分:0)

根据您添加到问题中的异常详细信息,这是根本问题:

  

应用程序引发了未处理的异常。 System.InvalidOperationException:IDX20803:无法从“ https://login.botframework.com/v1/.well-known/openidconfiguration”获得配置。 ---> System.IO.IOException:IDX20804:无法从“ https://login.botframework.com/v1/.well-known/openidconfiguration”检索文档。 ---> System.Net.Http.HttpRequestException:连接尝试失败,因为一段时间后连接方未正确响应,或者由于连接的主机未能响应而建立连接失败

现在,如果您只是使用浏览器导航到该页面,您应该会看到毫无问题地获得包含描述OpenID配置的JSON元数据文档的响应:

{
  "issuer": "https://api.botframework.com",
  "authorization_endpoint": "https://invalid.botframework.com",
  "jwks_uri": "https://login.botframework.com/v1/.well-known/keys",
  "id_token_signing_alg_values_supported": [
    "RS256"
  ],
  "token_endpoint_auth_methods_supported": [
    "private_key_jwt"
  ]
}

好消息是您的机器人似乎运行良好。这实际上表明该机器人已经运行并且已经足够远,可以对请求进行身份验证,所以这是一个好兆头。在我看来,这种异常气味是,无论您的漫游器托管在哪里,都可能没有能力向互联网发出出站请求。那可能吗?它需要能够验证来自bot框架的JWT令牌的真实性,并最终需要通过bot框架将响应发送回客户端。您可能需要将对botframework.com域的HTTP请求列入白名单。

答案 2 :(得分:0)

这是IIS的身份验证问题。我们必须使用具有所有特权的用户帐户,即管理员才能配置以下内容

  1. 应用程序池标识
  2. 托管应用程序(连接为)的IIS身份验证和授权。

我删除了为身份验证编写的所有代码,例如OAuth等。

感谢您的时间。