stackoom
  简体   繁体   中英

System.Webserver rewrite and secure at the same time

 原文  2016-07-21 02:20:57       asp.net/ security/ iis/ membership-provider

Question

I'm serving Confluence through IIS to end user, here is web.config: 

<?xml version="1.0" encoding="UTF-8"?>
<configuration>
    <system.webServer>
        <security>
            <requestFiltering allowDoubleEscaping="True" />
        </security>
        <rewrite>
            <rules>
                <rule name="RewriteUserFriendlyURL" stopProcessing="false">
                    <match url="\+" />
                    <conditions>
                        <add input="{REQUEST_FILENAME}" matchType="IsFile" negate="true" />
                        <add input="{REQUEST_FILENAME}" matchType="IsDirectory" negate="true" />
                    </conditions>
                    <action type="Rewrite" url="{UrlDecode:{REQUEST_URI}}" />
                </rule>
                <rule name="inbound" stopProcessing="true">
                    <match url="(.*)" />
                    <action type="Rewrite" url="http://localhost:8090/{R:1}" />
                </rule>
            </rules>
        </rewrite>
        <handlers>
            <remove name="WebServiceHandlerFactory-ISAPI-2.0-64" />
            <remove name="WebServiceHandlerFactory-ISAPI-2.0" />
            <remove name="PageHandlerFactory-ISAPI-2.0" />
            <remove name="PageHandlerFactory-ISAPI-2.0-64" />
            <remove name="PageHandlerFactory-Integrated" />
            <remove name="WebServiceHandlerFactory-Integrated" />
            <remove name="SimpleHandlerFactory-ISAPI-2.0-64" />
            <remove name="SimpleHandlerFactory-ISAPI-2.0" />
            <remove name="SimpleHandlerFactory-Integrated" />
            <remove name="CGI-exe" />
            <remove name="ISAPI-dll" />
        </handlers>
    </system.webServer>
</configuration>

Confluence runs in it's own process on port 8090 What I want is somehow add confluence as a subfolder to another site so it goes to:

site.com/confluence

site.com is ASP.NET website. I'd like to password-protect /confluence folder.

So, if user logged in to site.com (ASP.NET Membership provider) - they get access to /confluence folder.

Is this possible and how this should be done?

1 answers

solution1
 0  2016-07-21 02:39:10

What you are asking for is Delegated Authentication of a IIS Reverse Proxy.

This is technically possible.

You don't want to do this. Because you would need to use ASP.Net authentication to view the website. But then you also need to log in using your confluence log in.

You actually want to use

  • IIS Reverse Proxy/Application Request Routing (this puts the Confluence website in the "subfolder")
  • Single Sign-on Integration with ASP.Net Membership.

https://confluence.atlassian.com/kb/single-sign-on-integration-with-the-atlassian-stack-794495126.html

With this solution, Confluence uses Crowd to connect to ASP.Net using OpenID.

I recommend using IdentityServer to expose your ASP.Net Membership Provider to the OpenID api.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How does the rewrite works in web.config system.webserver The element > system.webServer' has invalid child > element 'rewrite' Adding handler in <system.webServer> Need help for regex design in system.webServer rewrite rule in web.config system.webserver/rewrite/allowedservervariables cannot be read beacuase it is missing a section declaration Element 'system.webServer' has invalid child element 'rewrite'. Should I fix this, and how? Signalr/hubs 404 with system.webServer/modules Error adding elmah modules to system.webserver IIS ignores system.webServer staticContent section httperrors in system.webserver not working on azure
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM