堆栈内存溢出
  简体   繁体   English

在Classic Cloud Services中可以使用ActiveDirectoryMembershipProvider,但不能在Azure Web App上使用

[英]Working ActiveDirectoryMembershipProvider in Classic Cloud Services but do not work on Azure Web App

 原文  2019-08-04 20:21:18       c#/ azure

问题描述

We have a working ASP.Net Web Application (.NET Framework not Core) on .NET 4.7.2 that was deployed to a classic cloud services. 我们在.NET 4.7.2上有一个正常工作的ASP.Net Web应用程序(.NET Framework不是Core),已将其部署到传统的云服务中。 We are trying to deploy it to the Azure App Services. 我们正在尝试将其部署到Azure应用服务。 Majority of the existing functionality are working good so far. 到目前为止,大多数现有功能都运行良好。 Unfortunately we are having trouble with getting the ActiveDirectoryMembershipProvider as part of the FormsAuthentication working. 不幸的是,我们在使ActiveDirectoryMembershipProvider作为FormsAuthentication工作的一部分方面遇到了麻烦。

Our LDAP is hosted in AWS an will be accessed by IP Address. 我们的LDAP托管在AWS中,可通过IP地址访问。 For debugging purposes we try it on unsecured LDAP (port 389). 出于调试目的,我们在不安全的LDAP(端口389)上尝试使用它。 We can reach the LDAP from the machine, we can get the group memberships of the test ldap user. 我们可以从计算机访问LDAP,我们可以获取测试ldap用户的组成员身份。 However, using the built in ActiveDirectoryMembershipProvider we're getting the error below 但是,使用内置的ActiveDirectoryMembershipProvider,我们得到以下错误 

Exception type  System.Configuration.ConfigurationErrorsException
Exception message   Access is denied.
 (D:\home\site\wwwroot\web.config line 242) <--- Access is denied.
System.Configuration.ConfigurationErrorsException: Access is denied.
 (D:\home\site\wwwroot\web.config line 242) ---> System.UnauthorizedAccessException: Access is denied.

   at System.DirectoryServices.ActiveDirectory.DirectoryContext.IsContextValid(DirectoryContext context, DirectoryContextType contextType)
   at System.DirectoryServices.ActiveDirectory.DirectoryContext.isDomain()
   at System.DirectoryServices.ActiveDirectory.Domain.GetDomain(DirectoryContext context)
   at System.Web.Security.DirectoryInformation.InitializeDomainAndForestName()
   at System.Web.Security.ActiveDirectoryMembershipProvider.Initialize(String name, NameValueCollection config)
   at System.Web.Configuration.ProvidersHelper.InstantiateProvider(ProviderSettings providerSettings, Type providerType)
   --- End of inner exception stack trace ---
   at System.Web.Configuration.ProvidersHelper.InstantiateProvider(ProviderSettings providerSettings, Type providerType)
   at System.Web.Configuration.ProvidersHelper.InstantiateProviders(ProviderSettingsCollection configProviders, ProviderCollection providers, Type providerType)
   at System.Web.Security.Membership.InitializeSettings(Boolean initializeGeneralSettings, RuntimeConfig appConfig, MembershipSection settings)
   at System.Web.Security.Membership.Initialize()
   at System.Web.Security.Membership.get_Provider()
   at System.Web.Security.Membership.ValidateUser(String username, String password)
   at <ASPX METHOD>:.ValidateUser(String username, String password) in <ASPX CODEBEHIND>:line 56
   at <ASPX METHOD>(Object sender, EventArgs e) in <ASPX CODEBEHIND>::line 26
   at System.Web.UI.WebControls.Button.OnClick(EventArgs e)
   at System.Web.UI.WebControls.Button.RaisePostBackEvent(String eventArgument)
   at System.Web.UI.WebControls.Button.System.Web.UI.IPostBackEventHandler.RaisePostBackEvent(String eventArgument)
   at System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler sourceControl, String eventArgument)
   at System.Web.UI.Page.RaisePostBackEvent(NameValueCollection postData)
   at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
   at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
   at System.Web.UI.Page.ProcessRequest()
   at System.Web.UI.Page.ProcessRequestWithNoAssert(HttpContext context)
   at System.Web.UI.Page.ProcessRequest(HttpContext context)
   at ASP.<ASPX CODEBEHIND>:.ProcessRequest(HttpContext context) in d:\local\Temporary ASP.NET Files\root\0a1c09b7\daf71945\App_Web_ahzd2zi1.4.cs:line 0
   at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
   at System.Web.HttpApplication.<>c__DisplayClass285_0.<ExecuteStepImpl>b__0()
   at System.Web.HttpApplication.StepInvoker.Invoke(Action executionStep)
   at System.Web.HttpApplication.StepInvoker.<>c__DisplayClass4_0.<Invoke>b__0()
   at Microsoft.AspNet.TelemetryCorrelation.TelemetryCorrelationHttpModule.OnExecuteRequestStep(HttpContextBase context, Action step)
   at System.Web.HttpApplication.<>c__DisplayClass284_0.<OnExecuteRequestStep>b__0(Action nextStepAction)
   at System.Web.HttpApplication.StepInvoker.Invoke(Action executionStep)
   at System.Web.HttpApplication.ExecuteStepImpl(IExecutionStep step)
   at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)

The membership config are as follows 成员资格配置如下 

<membership defaultProvider="MyADMembershipProvider">
    <providers>
        <clear />
        <add name="MyADMembershipProvider" type="System.Web.Security.ActiveDirectoryMembershipProvider" connectionStringName="ADConnectionString" attributeMapUsername="sAMAccountName" connectionUsername="<DOMAIN>\<USERNAME>" connectionPassword="<PASSWORD>" />
    </providers>
</membership>

The connection string is 连接字符串是 

<add name="ADConnectionString" connectionString="LDAP://<IPADDRESS>:<PORT>/DC=<DOMAIN>,DC=local" />

Can't seem to find anything that would indicate that there is something different running it in Azure. 似乎找不到任何迹象表明在Azure中运行它有所不同。 Any insight is appreciated. 任何见解均表示赞赏。

1 个解决方案

解决方案1
 0  2019-08-06 12:55:44

Azure App Services do not work with Active directory. Azure App Services不适用于Active Directory。 You may want to explore Azure Active Directory. 您可能要探索Azure Active Directory。

LDAP will not work on Cloud directly. LDAP无法直接在Cloud上运行。 You will have to use Azure AD Domain Services - https://docs.microsoft.com/en-us/azure/active-directory-domain-services/configure-ldaps 您将必须使用Azure AD域服务-https://docs.microsoft.com/zh-cn/azure/active-directory-domain-services/configure-ldaps

Also, App services is a sandboxed environment. 此外,App服务是一个沙盒环境。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 .NET 4.6 / 4.7(非4.5)上的Azure云服务(经典)Microsoft.ServiceBus异常 - Azure Cloud Services (classic) Microsoft.ServiceBus exception on .NET 4.6/4.7 (not 4.5) 如何在远程桌面上编辑配置文件(Azure云服务(经典)文件的一部分)? - How to edit configuration files (part of Azure Cloud Services (Classic) files )on Remote Desktop? 角色在ActiveDirectoryMembershipProvider中不起作用 - Roles not working in ActiveDirectoryMembershipProvider 如何从Azure Web Services上的经典ASP网站调用C#类库? - How to call a C# class library from a Classic ASP web site on Azure Web Services? Azure云服务 - Azure Cloud Services VSPerf和Azure云服务 - VSPerf and Azure Cloud Services Azure Cloud Service Classic with .NET Standard目标 - Azure Cloud Service Classic with .NET Standard target Log4net配置在生产Doe Azure Web服务中不起作用 - Log4net configuration is not working in production doe azure web services Azure应用程序日志记录不适用于我的Web App - Azure Application Logging not working for my Web App PDFsharp MigraDoc字体在Azure Web App中不起作用 - PDFsharp MigraDoc Fonts not working in Azure Web App
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM