1

我遇到了一个奇怪的问题。我有一个部署到 Azure 的 .Net 应用程序,它使用 Azure ACS 进行身份验证。虽然项目设置为 Web 应用程序,但我们主要提供静态 .html 和 .js 文件。问题是,只有当用户直接访问我们的根 URL 时,他们才会被重定向到通过 ACS 进行身份验证。

例如,我通过 Azure 模拟器在本地进行了此设置。如果用户访问 127.0.0.1:81/ 他们会被重定向登录,但如果他们直接访问 127.0.0.1:81/Index.html,他们能够加载页面而不会被重定向到 ACS。(尽管在页面加载到 .svc 服务期间随后的 .js 调用失败)

这是我的 web.config 文件:

<?xml version="1.0" encoding="utf-8"?>
<!--
  For more information on how to configure your ASP.NET application, please visit
  http://go.microsoft.com/fwlink/?LinkId=169433
  -->
<configuration>
  <configSections>
    <section name="microsoft.identityModel" type="Microsoft.IdentityModel.Configuration.MicrosoftIdentityModelSection, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
  </configSections>
  <location path="FederationMetadata">
    <system.web>
      <authorization>
        <allow users="*" />
      </authorization>
    </system.web>
  </location>
  <system.web>
    <httpRuntime requestValidationMode ="2.0"/>
    <authorization>
      <deny users="?" />
    </authorization>
    <authentication mode="None" />
    <compilation debug="true" targetFramework="4.0">
      <assemblies>
        <add assembly="System.Data.Entity, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
        <add assembly="Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
      </assemblies>
    </compilation>
  </system.web>
  <connectionStrings>
    <add name="ExperienceBrowserEntities" connectionString="metadata=res://*/ExperienceBrowser.csdl|res://*/ExperienceBrowser.ssdl|res://*/ExperienceBrowser.msl;provider=System.Data.SqlClient;provider connection string=&quot;Data Source=tmbwb1mnyn.database.windows.net;Initial Catalog=ExperienceBrowser;Persist Security Info=True;User ID=ExperienceBrowserUser;Password=XXXXXXXX;MultipleActiveResultSets=True;Application Name=EntityFramework&quot;" providerName="System.Data.EntityClient" />
  </connectionStrings>
  <system.serviceModel>
    <serviceHostingEnvironment aspNetCompatibilityEnabled="true" />
  </system.serviceModel>
  <appSettings>
    <add key="FederationMetadataLocation" value="https://appCentral.accesscontrol.windows.net/FederationMetadata/2007-06/FederationMetadata.xml" />
  </appSettings>
  <system.webServer>
    <modules>
      <add name="WSFederationAuthenticationModule" type="Microsoft.IdentityModel.Web.WSFederationAuthenticationModule, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" preCondition="managedHandler" />
      <add name="SessionAuthenticationModule" type="Microsoft.IdentityModel.Web.SessionAuthenticationModule, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" preCondition="managedHandler" />
    </modules>
  </system.webServer>
  <microsoft.identityModel>
    <service>
      <audienceUris>
        <add value="http://127.0.0.1:81/" />
      </audienceUris>
      <federatedAuthentication>
        <wsFederation passiveRedirectEnabled="true" issuer="https://appCentral.accesscontrol.windows.net/v2/wsfederation" realm="http://127.0.0.1:81/" requireHttps="false" />
        <cookieHandler requireSsl="false" />
      </federatedAuthentication>
      <applicationService>
        <claimTypeRequired>
          <!--Following are the claims offered by STS 'https://appCentral.accesscontrol.windows.net/'. Add or uncomment claims that you require by your application and then update the federation metadata of this application.-->
          <claimType type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" optional="true" />
          <claimType type="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" optional="true" />
          <!--<claimType type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" optional="true" />-->
          <!--<claimType type="http://schemas.microsoft.com/accesscontrolservice/2010/07/claims/identityprovider" optional="true" />-->
        </claimTypeRequired>
      </applicationService>
      <issuerNameRegistry type="Microsoft.IdentityModel.Tokens.ConfigurationBasedIssuerNameRegistry, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35">
        <trustedIssuers>
          <add thumbprint="D6DAB54F4A47E88FFF206E6796A3367DA6033B0C" name="https://appCentral.accesscontrol.windows.net/" />
        </trustedIssuers>
      </issuerNameRegistry>
      <certificateValidation certificateValidationMode="None" />
    </service>
  </microsoft.identityModel>
</configuration>
4

1 回答 1

0

认为您需要在 IIS 中添加要由 ASP.NET 处理的那些扩展。此答案不基于 Azure。我必须用常规的 IIS 和 ASP.NET 来做这件事。如果它在 Azure 中不起作用,请告诉我,我将删除答案。

“文件扩展名到 ASP.NET 的映射是在 Internet 信息服务 (IIS) 中完成的。默认情况下,.aspx 页面由 ASP.NET 运行,而 .htm 和 .html 页面则不是。”

ASP.NET 网页语法概述

于 2012-07-13T19:17:48.440 回答