[英]System.Webserver rewrite and secure at the same time
I'm serving Confluence through IIS to end user, here is web.config: 我正在通过IIS向最终用户提供Confluence,这是web.config:
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<security>
<requestFiltering allowDoubleEscaping="True" />
</security>
<rewrite>
<rules>
<rule name="RewriteUserFriendlyURL" stopProcessing="false">
<match url="\+" />
<conditions>
<add input="{REQUEST_FILENAME}" matchType="IsFile" negate="true" />
<add input="{REQUEST_FILENAME}" matchType="IsDirectory" negate="true" />
</conditions>
<action type="Rewrite" url="{UrlDecode:{REQUEST_URI}}" />
</rule>
<rule name="inbound" stopProcessing="true">
<match url="(.*)" />
<action type="Rewrite" url="http://localhost:8090/{R:1}" />
</rule>
</rules>
</rewrite>
<handlers>
<remove name="WebServiceHandlerFactory-ISAPI-2.0-64" />
<remove name="WebServiceHandlerFactory-ISAPI-2.0" />
<remove name="PageHandlerFactory-ISAPI-2.0" />
<remove name="PageHandlerFactory-ISAPI-2.0-64" />
<remove name="PageHandlerFactory-Integrated" />
<remove name="WebServiceHandlerFactory-Integrated" />
<remove name="SimpleHandlerFactory-ISAPI-2.0-64" />
<remove name="SimpleHandlerFactory-ISAPI-2.0" />
<remove name="SimpleHandlerFactory-Integrated" />
<remove name="CGI-exe" />
<remove name="ISAPI-dll" />
</handlers>
</system.webServer>
</configuration>
Confluence runs in it's own process on port 8090 What I want is somehow add confluence as a subfolder to another site so it goes to: Confluence在端口8090上以其自己的进程运行,我想要以某种方式将confluence作为子文件夹添加到另一个站点,因此它可以:
site.com/confluence site.com/confluence
site.com is ASP.NET website. site.com是ASP.NET网站。 I'd like to password-protect /confluence folder.
我想用密码保护/ confluence文件夹。
So, if user logged in to site.com (ASP.NET Membership provider) - they get access to /confluence folder. 因此,如果用户登录到site.com(ASP.NET成员资格提供程序),则可以访问/ confluence文件夹。
Is this possible and how this should be done? 这可能吗,应该怎么做?
What you are asking for is Delegated Authentication of a IIS Reverse Proxy. 您要的是IIS反向代理的委派身份验证。
This is technically possible. 从技术上讲这是可能的。
You don't want to do this. 您不想这样做。 Because you would need to use ASP.Net authentication to view the website.
因为您将需要使用ASP.Net身份验证来查看网站。 But then you also need to log in using your confluence log in.
但是随后,您还需要使用融合登录来登录。
You actually want to use 您实际上想使用
https://confluence.atlassian.com/kb/single-sign-on-integration-with-the-atlassian-stack-794495126.html https://confluence.atlassian.com/kb/single-sign-on-integration-with-the-atlassian-stack-794495126.html
With this solution, Confluence uses Crowd to connect to ASP.Net using OpenID. 通过此解决方案,Confluence使用Crowd通过OpenID连接到ASP.Net。
I recommend using IdentityServer to expose your ASP.Net Membership Provider to the OpenID api. 我建议使用IdentityServer将ASP.Net成员资格提供程序公开给OpenID api。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.