我正在使用 WIF 在 IIS 上为我的应用程序实现 SSO。我被要求添加一个 Default.aspx 页面,该页面带有一个指向 Login 页面(SSO 登录页面)的链接。
为此,我按照为该实现提供的文档,在 web.config 中添加了两个 location path 标签。
这些是我添加的标签(根据文档):
<!-- Per-path authorization override for the public landing page. users="?" matches
     anonymous (not yet authenticated) requests, so visitors can open Default.aspx
     before signing in. A <location> element belongs directly under <configuration>,
     next to the site-wide <system.web>, not inside it. -->
<location path="Default.aspx">
<system.web>
<authorization>
<allow users="?" />
</authorization>
</system.web>
</location>
<!-- WebResource.axd serves the embedded scripts and resources of Web Forms controls.
     It gets the same anonymous exception so the anonymous landing page can load them. -->
<location path="WebResource.axd">
<system.web>
<authorization>
<allow users="?" />
</authorization>
</system.web>
</location>
这里是评论中要求的完整Web配置:
<configuration>
<configSections>
<sectionGroup name="devExpress">
<section name="compression" type="DevExpress.Web.CompressionConfigurationSection, DevExpress.Web.v17.1, Version=17.1.6.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" requirePermission="false" />
<section name="themes" type="DevExpress.Web.ThemesConfigurationSection, DevExpress.Web.v17.1, Version=17.1.6.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" requirePermission="false" />
<section name="errors" type="DevExpress.Web.ErrorsConfigurationSection, DevExpress.Web.v17.1, Version=17.1.6.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" requirePermission="false" />
<section name="settings" type="DevExpress.Web.SettingsConfigurationSection, DevExpress.Web.v17.1, Version=17.1.6.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" requirePermission="false" />
<section name="resources" type="DevExpress.Web.ResourcesConfigurationSection, DevExpress.Web.v17.1, Version=17.1.6.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" requirePermission="false" />
</sectionGroup>
<section name="microsoft.identityModel" type="Microsoft.IdentityModel.Configuration.MicrosoftIdentityModelSection, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
</configSections>
<!-- The connection string carries a SQL login (User ID / Password) in clear text, so
     anyone who can read web.config obtains database credentials. Prefer
     Integrated Security with the application pool identity, or encrypt this section
     with ASP.NET protected configuration (aspnet_regiis -pe).
     Persist Security Info=True keeps the password readable from the connection object
     after it has been opened; leave it False unless the application needs it. -->
<connectionStrings>
<add name="AppNameConnectionString" connectionString="Data Source=DataSourceName;Initial Catalog=CatalogName;Persist Security Info=True;User ID=User;Password=Password" providerName="System.Data.SqlClient" />
</connectionStrings>
<!-- Application settings: the DbNetSuite license key and the URL of the issuer's
     WS-Federation metadata document. The metadata URL uses https.
     NOTE(review): if trust settings are refreshed from this document, the TLS
     certificate of that endpoint is what protects the refresh. Confirm how it is used. -->
<appSettings>
<add key="DbNetSuiteLicenseKey" value="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" />
<!--<add key="DbNetSuiteSymmetricKeyName" value="" />
<add key="DbNetSuiteCertificateName" value="" />-->
<add key="FederationMetadataLocation" value="https://metadatalink/FederationMetadata/2007-06/FederationMetadata.xml" />
</appSettings>
<!-- Exceptions to the site-wide <deny users="?" /> declared in <system.web> below.
     Every path listed here is reachable without a session, so keep the list as short
     as possible. -->
<!-- The application's own federation metadata: users="*" admits every user,
     authenticated or not, so that the STS can read it. -->
<location path="FederationMetadata">
<system.web>
<authorization>
<allow users="*" />
</authorization>
</system.web>
</location>
<!-- Public landing page: users="?" admits anonymous requests. Nothing on this page
     may assume an authenticated identity. -->
<location path="Default.aspx">
<system.web>
<authorization>
<allow users="?"/>
</authorization>
</system.web>
</location>
<!-- Embedded script/resource handler for Web Forms controls, opened to anonymous
     requests so the landing page can render. -->
<location path="WebResource.axd">
<system.web>
<authorization>
<allow users="?"/>
</authorization>
</system.web>
</location>
<system.web>
<!-- Site-wide default: anonymous requests are rejected. With
     passiveRedirectEnabled="true" in <wsFederation>, WIF answers that rejection by
     redirecting the browser to the issuer. Only the <location> overrides above
     escape this rule. -->
<authorization>
<deny users="?" />
</authorization>
<!-- ASP.NET's built-in authentication (Forms/Windows) is switched off; the identity
     comes from the WIF modules registered in httpModules / system.webServer/modules. -->
<authentication mode="None" />
<!-- Request time limit of 600 seconds. ASP.NET enforces executionTimeout only when
     compilation debug is false, and this file sets debug="true". -->
<httpRuntime executionTimeout="600" />
<!-- mode="Off" sends the full ASP.NET error page (stack trace, source excerpt,
     version details) to every client, including remote ones. Use RemoteOnly or On
     on any server that is not a development machine. -->
<customErrors mode="Off" />
<!-- validateRequest="false" asks ASP.NET to skip its built-in check for markup in
     posted values on every page; where it is in effect, each page must validate
     input and encode output itself.
     NOTE(review): with targetFramework="4.0" the page-level switch is honoured only
     when httpRuntime requestValidationMode="2.0" is set, and it is not set here.
     Confirm which behaviour the application depends on. -->
<pages styleSheetTheme="AppName" validateRequest="false" controlRenderingCompatibilityVersion="3.5" clientIDMode="AutoID">
<controls>
<add tagPrefix="dx" namespace="DevExpress.Web.ASPxHtmlEditor" assembly="DevExpress.Web.ASPxHtmlEditor.v17.1" />
<add tagPrefix="dx" namespace="DevExpress.Web" assembly="DevExpress.Web.v17.1, Version=17.1.6.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add tagPrefix="lc" namespace="Lightcode.Framework.Presentation.Web.UI.Blocks" assembly="Framework.Presentation.Web" />
</controls>
</pages>
<!--
compilation debug="true" compiles pages with debugging symbols. It costs
performance, and while it is on ASP.NET does not enforce the httpRuntime
executionTimeout configured above, so a request can run without a time limit.
Use it on development machines only and set debug="false" on any server that
users can reach.
-->
<compilation debug="true" targetFramework="4.0">
<assemblies>
<add assembly="DevExpress.Web.v17.1, Version=17.1.6.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add assembly="DevExpress.Printing.v17.1.Core, Version=17.1.6.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add assembly="DevExpress.Data.v17.1, Version=17.1.6.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add assembly="DevExpress.Web.ASPxSpellChecker.v17.1, Version=17.1.6.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add assembly="DevExpress.SpellChecker.v17.1.Core, Version=17.1.6.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add assembly="DevExpress.XtraCharts.v17.1.Web, Version=17.1.6.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add assembly="DevExpress.XtraCharts.v17.1, Version=17.1.6.0, Culture=neutral, PublicKeyToken=B88D1754D700E49A" />
<add assembly="DevExpress.Charts.v17.1.Core, Version=17.1.6.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add assembly="DevExpress.Web.ASPxHtmlEditor.v17.1, Version=17.1.6.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add assembly="System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add assembly="System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add assembly="System.Design, Version=4.0.0.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add assembly="System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add assembly="System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add assembly="System.Configuration, Version=4.0.0.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add assembly="System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add assembly="System.Xml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add assembly="System.Data, Version=4.0.0.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add assembly="System.Web.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add assembly="System.DirectoryServices, Version=4.0.0.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add assembly="System.DirectoryServices.Protocols, Version=4.0.0.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add assembly="System.EnterpriseServices, Version=4.0.0.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add assembly="System.ServiceProcess, Version=4.0.0.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add assembly="System.Web.RegularExpressions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add assembly="DevExpress.RichEdit.v17.1.Core, Version=17.1.6.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add assembly="DevExpress.Web.ASPxThemes.v17.1, Version=17.1.6.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add assembly="DevExpress.Web.ASPxScheduler.v17.1, Version=17.1.6.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add assembly="DevExpress.XtraScheduler.v17.1.Core, Version=17.1.6.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add assembly="DevExpress.Web.v17.1, Version=17.1.6.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add assembly="DevExpress.Data.v17.1, Version=17.1.6.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add assembly="Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
</assemblies>
</compilation>
<!-- Module registration for the classic pipeline; the same four modules are repeated
     under system.webServer/modules for the IIS integrated pipeline.
     WSFederationAuthenticationModule performs the sign-in redirect and processes the
     token returned by the issuer; SessionAuthenticationModule maintains the resulting
     session cookie. -->
<httpModules>
<add name="ASPxHttpHandlerModule" type="DevExpress.Web.ASPxHttpHandlerModule, DevExpress.Web.v17.1, Version=17.1.6.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add name="ScriptModule" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add name="WSFederationAuthenticationModule" type="Microsoft.IdentityModel.Web.WSFederationAuthenticationModule, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add name="SessionAuthenticationModule" type="Microsoft.IdentityModel.Web.SessionAuthenticationModule, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
</httpModules>
<globalization culture="it-IT" uiCulture="it-IT" />
<!-- DevExpress handlers for the classic pipeline (upload progress and DX.ashx). -->
<httpHandlers>
<add verb="GET,POST" path="ASPxUploadProgressHandlerPage.ashx" type="DevExpress.Web.ASPxUploadProgressHttpHandler, DevExpress.Web.v17.1, Version=17.1.6.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add type="DevExpress.Web.ASPxHttpHandlerModule, DevExpress.Web.v17.1, Version=17.1.6.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" verb="GET,POST" path="DX.ashx" validate="false" />
</httpHandlers>
<!-- Enables the HttpGet and HttpPost protocols for ASMX web services, which ASP.NET
     leaves disabled by default. With them on, a web method can be invoked by a plain
     link or form post from another site in the user's browser.
     NOTE(review): no .asmx endpoint is visible in this file. Keep these entries only
     if a service really needs them. -->
<webServices>
<protocols>
<add name="HttpGet" />
<add name="HttpPost" />
</protocols>
</webServices>
</system.web>
<!-- IIS integrated-pipeline configuration: module and handler registrations that
     mirror the classic-pipeline entries in system.web. -->
<system.webServer>
<!-- runAllManagedModulesForAllRequests="true" runs every managed module on every
     request, static files included, which overrides the managedHandler precondition
     on the two WIF modules below. -->
<modules runAllManagedModulesForAllRequests="true">
<add name="ASPxHttpHandlerModule" type="DevExpress.Web.ASPxHttpHandlerModule, DevExpress.Web.v17.1, Version=17.1.6.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add name="ScriptModule" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add name="WSFederationAuthenticationModule" type="Microsoft.IdentityModel.Web.WSFederationAuthenticationModule, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" preCondition="managedHandler" />
<add name="SessionAuthenticationModule" type="Microsoft.IdentityModel.Web.SessionAuthenticationModule, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" preCondition="managedHandler" />
</modules>
<!-- Suppresses the integrated-mode error IIS would otherwise raise because
     system.web still contains httpModules and httpHandlers sections. -->
<validation validateIntegratedModeConfiguration="false" />
<handlers>
<add type="DevExpress.Web.ASPxHttpHandlerModule, DevExpress.Web.v17.1, Version=17.1.6.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" verb="GET,POST" path="DX.ashx" name="ASPxHttpHandlerModule" preCondition="integratedMode" />
<add name="ASPxUploadProgressHandler" preCondition="integratedMode" verb="GET,POST" path="ASPxUploadProgressHandlerPage.ashx" type="DevExpress.Web.ASPxUploadProgressHttpHandler, DevExpress.Web.v17.1, Version=17.1.6.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<!-- Change by Fabio: DbNetSuite handlers. They accept every HTTP verb (verb="*").
     No <location> override in this file names these paths, so the site-wide
     <deny users="?" /> applies to them. -->
<add name="dbnetgrid_ashx" verb="*" path="dbnetgrid.ashx" type="DbNetLink.DbNetSuite.DbNetGrid" />
<add name="dbnetedit_ashx" verb="*" path="dbnetedit.ashx" type="DbNetLink.DbNetSuite.DbNetEdit" />
<add name="dbnetfile_ashx" verb="*" path="dbnetfile.ashx" type="DbNetLink.DbNetSuite.DbNetFile" />
<add name="dbnetspell_ashx" verb="*" path="dbnetspell.ashx" type="DbNetLink.DbNetSuite.DbNetSpell" />
<add name="dbnetcombo_ashx" verb="*" path="dbnetcombo.ashx" type="DbNetLink.DbNetSuite.DbNetCombo" />
<add name="dbnetlist_ashx" verb="*" path="dbnetlist.ashx" type="DbNetLink.DbNetSuite.DbNetList" />
<add name="dbnetsuite_js_ashx" verb="*" path="dbnetsuite.js.ashx" type="DbNetLink.DbNetSuite.JS" />
<add name="dbnetsuite_css_ashx" verb="*" path="dbnetsuite.css.ashx" type="DbNetLink.DbNetSuite.CSS" />
</handlers>
</system.webServer>
<devExpress>
<compression enableHtmlCompression="false" enableCallbackCompression="true" enableResourceCompression="true" enableResourceMerging="false" />
<errors callbackErrorRedirectUrl="" />
<themes enableThemesAssembly="true" styleSheetTheme="" theme="" customThemeAssemblies="" baseColor="" font="" />
<settings doctypeMode="Xhtml" rightToLeft="false" embedRequiredClientLibraries="false" ieCompatibilityVersion="8" accessibilityCompliant="false" bootstrapMode="Bootstrap3" checkReferencesToExternalScripts="true" protectControlState="true" />
</devExpress>
<microsoft.identityModel>
<service>
<!-- A token is accepted only when its audience restriction matches one of these
     URIs. The value here equals the realm sent to the issuer in <wsFederation>. -->
<audienceUris>
<add value="https://server/AppName/Login.aspx" />
</audienceUris>
<federatedAuthentication>
<!-- passiveRedirectEnabled="true": a request rejected by <authorization> is redirected
     to the issuer's sign-in endpoint. requireHttps="true" makes WIF refuse an issuer
     address that is not https. -->
<wsFederation passiveRedirectEnabled="true" issuer="https://idptest/adfs/ls/" realm="https://server/AppName/Login.aspx" requireHttps="true" />
<!-- requireSsl="true" marks the session cookie Secure, so the browser sends it over
     https only. -->
<cookieHandler requireSsl="true" />
</federatedAuthentication>
<!-- Certificate (looked up by thumbprint in LocalMachine\My) whose private key WIF
     uses to decrypt encrypted tokens. Grant read access on that private key to the
     application pool identity only. -->
<serviceCertificate>
<certificateReference x509FindType="FindByThumbprint" findValue="XXXXXXXXXXXXXXXXXXXXXXXXXXXX" storeLocation="LocalMachine" storeName="My" />
</serviceCertificate>
<applicationService>
<claimTypeRequired>
<!--Following are the claims offered by STS 'http://idptest/adfs/services/trust'. Add or uncomment claims that you require by your application and then update the federation metadata of this application.-->
<claimType type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" optional="true" />
<claimType type="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" optional="true" />
<!--<claimType type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" optional="true" />-->
<!--<claimType type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" optional="true" />-->
<!--<claimType type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" optional="true" />-->
<!--<claimType type="http://schemas.xmlsoap.org/claims/CommonName" optional="true" />-->
<!--<claimType type="http://schemas.xmlsoap.org/claims/EmailAddress" optional="true" />-->
<!--<claimType type="http://schemas.xmlsoap.org/claims/Group" optional="true" />-->
<!--<claimType type="http://schemas.xmlsoap.org/claims/UPN" optional="true" />-->
<!--<claimType type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" optional="true" />-->
<!--<claimType type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" optional="true" />-->
<!--<claimType type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" optional="true" />-->
<!--<claimType type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/01/devicecontext/claims/isregistereduser" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/01/devicecontext/claims/identifier" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/01/devicecontext/claims/registrationid" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/01/devicecontext/claims/displayname" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/01/devicecontext/claims/ostype" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/01/devicecontext/claims/osversion" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/01/devicecontext/claims/ismanaged" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-application" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-user-agent" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-ip" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-endpoint-absolute-path" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/01/requestcontext/claims/relyingpartytrustid" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/12/certificatecontext/extension/applicationpolicy" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/12/certificatecontext/extension/authoritykeyidentifier" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/12/certificatecontext/extension/basicconstraints" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/12/certificatecontext/extension/eku" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuer" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuername" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/12/certificatecontext/extension/keyusage" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/12/certificatecontext/field/notafter" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/12/certificatecontext/field/notbefore" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatepolicy" optional="true" />-->
<!--<claimType type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/rsa" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/12/certificatecontext/field/rawdata" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/12/certificatecontext/extension/san" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/ws/2008/06/identity/claims/serialnumber" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/12/certificatecontext/field/signaturealgorithm" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/12/certificatecontext/field/subject" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/12/certificatecontext/extension/subjectkeyidentifier" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/12/certificatecontext/field/subjectname" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplateinformation" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplatename" optional="true" />-->
<!--<claimType type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/thumbprint" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/12/certificatecontext/field/x509version" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/ws/2012/01/insidecorporatenetwork" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/ws/2012/01/passwordexpirationtime" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/ws/2012/01/passwordexpirationdays" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/ws/2012/01/passwordchangeurl" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/claims/authnmethodsreferences" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/01/requestcontext/claims/client-request-id" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/ws/2013/11/alternateloginid" optional="true" />-->
</claimTypeRequired>
</applicationService>
<!-- certificateValidationMode="None" turns off chain, expiry and revocation checks on
     the certificate that signed the token. Trust then rests entirely on the thumbprint
     match in <trustedIssuers> below: an expired or revoked signing certificate is
     still accepted until its thumbprint is removed from this file. If the issuer's
     certificate chains to a trusted root, a stricter mode (ChainTrust or
     PeerOrChainTrust) restores those checks. -->
<certificateValidation certificateValidationMode="None" />
<issuerNameRegistry type="Microsoft.IdentityModel.Tokens.ConfigurationBasedIssuerNameRegistry, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=xxxxxxxxx">
<trustedIssuers>
<!-- Thumbprint of the issuer's token-signing certificate. Tokens signed by any other
     certificate are rejected. It must be updated whenever the issuer replaces that
     certificate. The name attribute is the issuer name assigned to the resulting
     claims. -->
<add thumbprint="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" name="http://idptest/adfs/services/trust" />
</trustedIssuers>
</issuerNameRegistry>
</service>
</microsoft.identityModel>
</configuration>
当我尝试访问该应用程序时,在第一个 location 标签(Default.aspx 的那个)上收到“无法识别的元素”错误。
我对这类配置不太熟悉,所以不确定问题是出在缺少某项 IIS 设置,还是 web.config 中缺少了某些内容。