当我在本地启动我的应用程序时,它按预期工作(除了重定向到 signin-wsfed:https://localhost:5001/signin-wsfed页面......但我不相信它可以链接)
部署后,我使用docker-compose进行部署,第一次连接重定向到ADFS认证页面,但是登录后,我被重定向到一个错误页面(有6个调用:回到我的应用程序,回到ADFS,应用程序,ADFS ...)
这是我的日志:
[root@myserver docker]# docker-compose up -d
Recreating engstats ...
Recreating engstats ... done
[root@myserver docker]# docker-compose logs --tail=50 -f engstats
Attaching to engstats
engstats | info: Microsoft.AspNetCore.DataProtection.KeyManagement.XmlKeyManager[0]
engstats | User profile is available. Using '/root/.aspnet/DataProtection-Keys' as key repository; keys will not be encrypted at rest.
engstats | info: Microsoft.AspNetCore.DataProtection.KeyManagement.XmlKeyManager[58]
engstats | Creating key {eafb1561-dc94-4ab7-892d-f15b6ee3b122} with creation date 2019-07-22 14:23:04Z, activation date 2019-07-22 14:23:04Z, and expiration date 2019-10-20 14:23:04Z.
engstats | warn: Microsoft.AspNetCore.DataProtection.KeyManagement.XmlKeyManager[35]
engstats | No XML encryptor configured. Key {eafb1561-dc94-4ab7-892d-f15b6ee3b122} may be persisted to storage in unencrypted form.
engstats | info: Microsoft.AspNetCore.DataProtection.Repositories.FileSystemXmlRepository[39]
engstats | Writing data to file '/root/.aspnet/DataProtection-Keys/key-eafb1561-dc94-4ab7-892d-f15b6ee3b122.xml'.
engstats | Hosting environment: Production
engstats | Content root path: /app
engstats | Now listening on: http://[::]:80
engstats | Application started. Press Ctrl+C to shut down.
engstats | info: Microsoft.AspNetCore.Hosting.Internal.WebHost[1]
engstats | Request starting HTTP/1.1 GET http://engstats.xxx.com/
engstats | info: Microsoft.AspNetCore.Routing.EndpointMiddleware[0]
engstats | Executing endpoint 'xxx.Dashboard.Controllers.HomeController.Index (xxx.Dashboard)'
engstats | info: Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker[3]
engstats | Route matched with {action = "Index", controller = "Home"}. Executing controller action with signature Microsoft.AspNetCore.Mvc.IActionResult Index() on controller xxx.Dashboard.Controllers.HomeController (xxx.Dashboard).
engstats | info: Microsoft.AspNetCore.Authorization.DefaultAuthorizationService[2]
engstats | Authorization failed.
engstats | info: Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker[3]
engstats | Authorization failed for the request at filter 'Microsoft.AspNetCore.Mvc.Authorization.AuthorizeFilter'.
engstats | info: Microsoft.AspNetCore.Mvc.ChallengeResult[1]
engstats | Executing ChallengeResult with authentication schemes ().
engstats | info: Microsoft.AspNetCore.Authentication.WsFederation.WsFederationHandler[12]
engstats | AuthenticationScheme: WsFederation was challenged.
engstats | info: Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker[2]
engstats | Executed action xxx.Dashboard.Controllers.HomeController.Index (xxx.Dashboard) in 499.6897ms
engstats | info: Microsoft.AspNetCore.Routing.EndpointMiddleware[1]
engstats | Executed endpoint 'xxx.Dashboard.Controllers.HomeController.Index (xxx.Dashboard)'
engstats | info: Microsoft.AspNetCore.Hosting.Internal.WebHost[2]
engstats | Request finished in 642.5432ms 302
engstats | info: Microsoft.AspNetCore.Hosting.Internal.WebHost[1]
engstats | Request starting HTTP/1.1 POST http://engstats.xxx.com/ application/x-www-form-urlencoded 7477
engstats | info: Microsoft.AspNetCore.Cors.Infrastructure.CorsService[5]
engstats | CORS policy execution failed.
engstats | info: Microsoft.AspNetCore.Cors.Infrastructure.CorsService[6]
engstats | Request origin https://fs.xxx.com does not have permission to access the resource.
engstats | info: Microsoft.AspNetCore.Routing.EndpointMiddleware[0]
engstats | Executing endpoint 'xxx.Dashboard.Controllers.HomeController.Index (xxx.Dashboard)'
engstats | info: Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker[3]
engstats | Route matched with {action = "Index", controller = "Home"}. Executing controller action with signature Microsoft.AspNetCore.Mvc.IActionResult Index() on controller xxx.Dashboard.Controllers.HomeController (xxx.Dashboard).
engstats | info: Microsoft.AspNetCore.Authorization.DefaultAuthorizationService[2]
engstats | Authorization failed.
engstats | info: Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker[3]
engstats | Authorization failed for the request at filter 'Microsoft.AspNetCore.Mvc.Authorization.AuthorizeFilter'.
engstats | info: Microsoft.AspNetCore.Mvc.ChallengeResult[1]
engstats | Executing ChallengeResult with authentication schemes ().
engstats | info: Microsoft.AspNetCore.Authentication.WsFederation.WsFederationHandler[12]
engstats | AuthenticationScheme: WsFederation was challenged.
engstats | info: Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker[2]
engstats | Executed action xxx.Dashboard.Controllers.HomeController.Index (xxx.Dashboard) in 1.1351ms
engstats | info: Microsoft.AspNetCore.Routing.EndpointMiddleware[1]
engstats | Executed endpoint 'xxx.Dashboard.Controllers.HomeController.Index (xxx.Dashboard)'
engstats | info: Microsoft.AspNetCore.Hosting.Internal.WebHost[2]
engstats | Request finished in 5.1655ms 302
engstats | info: Microsoft.AspNetCore.Server.Kestrel[32]
engstats | Connection id "0HLOEM0HV2CPL", Request id "0HLOEM0HV2CPL:00000001": the application completed without reading the entire request body.
engstats | info: Microsoft.AspNetCore.Hosting.Internal.WebHost[1]
engstats | Request starting HTTP/1.1 POST http://engstats.xxx.com/ application/x-www-form-urlencoded 7483
engstats | info: Microsoft.AspNetCore.Cors.Infrastructure.CorsService[5]
engstats | CORS policy execution failed.
engstats | info: Microsoft.AspNetCore.Cors.Infrastructure.CorsService[6]
engstats | Request origin https://fs.xxx.com does not have permission to access the resource.
engstats | info: Microsoft.AspNetCore.Routing.EndpointMiddleware[0]
engstats | Executing endpoint 'xxx.Dashboard.Controllers.HomeController.Index (xxx.Dashboard)'
engstats | info: Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker[3]
engstats | Route matched with {action = "Index", controller = "Home"}. Executing controller action with signature Microsoft.AspNetCore.Mvc.IActionResult Index() on controller xxx.Dashboard.Controllers.HomeController (xxx.Dashboard).
engstats | info: Microsoft.AspNetCore.Authorization.DefaultAuthorizationService[2]
engstats | Authorization failed.
engstats | info: Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker[3]
engstats | Authorization failed for the request at filter 'Microsoft.AspNetCore.Mvc.Authorization.AuthorizeFilter'.
engstats | info: Microsoft.AspNetCore.Mvc.ChallengeResult[1]
engstats | Executing ChallengeResult with authentication schemes ().
engstats | info: Microsoft.AspNetCore.Authentication.WsFederation.WsFederationHandler[12]
engstats | AuthenticationScheme: WsFederation was challenged.
engstats | info: Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker[2]
engstats | Executed action xxx.Dashboard.Controllers.HomeController.Index (xxx.Dashboard) in 0.5585ms
engstats | info: Microsoft.AspNetCore.Routing.EndpointMiddleware[1]
engstats | Executed endpoint 'xxx.Dashboard.Controllers.HomeController.Index (xxx.Dashboard)'
engstats | info: Microsoft.AspNetCore.Hosting.Internal.WebHost[2]
engstats | Request finished in 1.1309ms 302
engstats | info: Microsoft.AspNetCore.Server.Kestrel[32]
engstats | Connection id "0HLOEM0HV2CPM", Request id "0HLOEM0HV2CPM:00000001": the application completed without reading the entire request body.
engstats | info: Microsoft.AspNetCore.Hosting.Internal.WebHost[1]
engstats | Request starting HTTP/1.1 POST http://engstats.xxx.com/ application/x-www-form-urlencoded 7483
engstats | info: Microsoft.AspNetCore.Cors.Infrastructure.CorsService[5]
engstats | CORS policy execution failed.
engstats | info: Microsoft.AspNetCore.Cors.Infrastructure.CorsService[6]
engstats | Request origin https://fs.xxx.com does not have permission to access the resource.
engstats | info: Microsoft.AspNetCore.Routing.EndpointMiddleware[0]
engstats | Executing endpoint 'xxx.Dashboard.Controllers.HomeController.Index (xxx.Dashboard)'
engstats | info: Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker[3]
engstats | Route matched with {action = "Index", controller = "Home"}. Executing controller action with signature Microsoft.AspNetCore.Mvc.IActionResult Index() on controller xxx.Dashboard.Controllers.HomeController (xxx.Dashboard).
engstats | info: Microsoft.AspNetCore.Authorization.DefaultAuthorizationService[2]
engstats | Authorization failed.
engstats | info: Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker[3]
engstats | Authorization failed for the request at filter 'Microsoft.AspNetCore.Mvc.Authorization.AuthorizeFilter'.
engstats | info: Microsoft.AspNetCore.Mvc.ChallengeResult[1]
engstats | Executing ChallengeResult with authentication schemes ().
engstats | info: Microsoft.AspNetCore.Authentication.WsFederation.WsFederationHandler[12]
engstats | AuthenticationScheme: WsFederation was challenged.
engstats | info: Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker[2]
engstats | Executed action xxx.Dashboard.Controllers.HomeController.Index (xxx.Dashboard) in 0.3882ms
engstats | info: Microsoft.AspNetCore.Routing.EndpointMiddleware[1]
engstats | Executed endpoint 'xxx.Dashboard.Controllers.HomeController.Index (xxx.Dashboard)'
engstats | info: Microsoft.AspNetCore.Hosting.Internal.WebHost[2]
engstats | Request finished in 0.8346ms 302
engstats | info: Microsoft.AspNetCore.Server.Kestrel[32]
engstats | Connection id "0HLOEM0HV2CPN", Request id "0HLOEM0HV2CPN:00000001": the application completed without reading the entire request body.
engstats | info: Microsoft.AspNetCore.Hosting.Internal.WebHost[1]
engstats | Request starting HTTP/1.1 POST http://engstats.xxx.com/ application/x-www-form-urlencoded 7487
engstats | info: Microsoft.AspNetCore.Cors.Infrastructure.CorsService[5]
engstats | CORS policy execution failed.
engstats | info: Microsoft.AspNetCore.Cors.Infrastructure.CorsService[6]
engstats | Request origin https://fs.xxx.com does not have permission to access the resource.
engstats | info: Microsoft.AspNetCore.Routing.EndpointMiddleware[0]
engstats | Executing endpoint 'xxx.Dashboard.Controllers.HomeController.Index (xxx.Dashboard)'
engstats | info: Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker[3]
engstats | Route matched with {action = "Index", controller = "Home"}. Executing controller action with signature Microsoft.AspNetCore.Mvc.IActionResult Index() on controller xxx.Dashboard.Controllers.HomeController (xxx.Dashboard).
engstats | info: Microsoft.AspNetCore.Authorization.DefaultAuthorizationService[2]
engstats | Authorization failed.
engstats | info: Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker[3]
engstats | Authorization failed for the request at filter 'Microsoft.AspNetCore.Mvc.Authorization.AuthorizeFilter'.
engstats | info: Microsoft.AspNetCore.Mvc.ChallengeResult[1]
engstats | Executing ChallengeResult with authentication schemes ().
engstats | info: Microsoft.AspNetCore.Authentication.WsFederation.WsFederationHandler[12]
engstats | AuthenticationScheme: WsFederation was challenged.
engstats | info: Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker[2]
engstats | Executed action xxx.Dashboard.Controllers.HomeController.Index (xxx.Dashboard) in 0.4174ms
engstats | info: Microsoft.AspNetCore.Routing.EndpointMiddleware[1]
engstats | Executed endpoint 'xxx.Dashboard.Controllers.HomeController.Index (xxx.Dashboard)'
engstats | info: Microsoft.AspNetCore.Hosting.Internal.WebHost[2]
engstats | Request finished in 0.8768ms 302
engstats | info: Microsoft.AspNetCore.Server.Kestrel[32]
engstats | Connection id "0HLOEM0HV2CPO", Request id "0HLOEM0HV2CPO:00000001": the application completed without reading the entire request body.
engstats | info: Microsoft.AspNetCore.Hosting.Internal.WebHost[1]
engstats | Request starting HTTP/1.1 POST http://engstats.xxx.com/ application/x-www-form-urlencoded 7485
engstats | info: Microsoft.AspNetCore.Cors.Infrastructure.CorsService[5]
engstats | CORS policy execution failed.
engstats | info: Microsoft.AspNetCore.Cors.Infrastructure.CorsService[6]
engstats | Request origin https://fs.xxx.com does not have permission to access the resource.
engstats | info: Microsoft.AspNetCore.Routing.EndpointMiddleware[0]
engstats | Executing endpoint 'xxx.Dashboard.Controllers.HomeController.Index (xxx.Dashboard)'
engstats | info: Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker[3]
engstats | Route matched with {action = "Index", controller = "Home"}. Executing controller action with signature Microsoft.AspNetCore.Mvc.IActionResult Index() on controller xxx.Dashboard.Controllers.HomeController (xxx.Dashboard).
engstats | info: Microsoft.AspNetCore.Authorization.DefaultAuthorizationService[2]
engstats | Authorization failed.
engstats | info: Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker[3]
engstats | Authorization failed for the request at filter 'Microsoft.AspNetCore.Mvc.Authorization.AuthorizeFilter'.
engstats | info: Microsoft.AspNetCore.Mvc.ChallengeResult[1]
engstats | Executing ChallengeResult with authentication schemes ().
engstats | info: Microsoft.AspNetCore.Authentication.WsFederation.WsFederationHandler[12]
engstats | AuthenticationScheme: WsFederation was challenged.
engstats | info: Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker[2]
engstats | Executed action xxx.Dashboard.Controllers.HomeController.Index (xxx.Dashboard) in 0.6451ms
engstats | info: Microsoft.AspNetCore.Routing.EndpointMiddleware[1]
engstats | Executed endpoint 'xxx.Dashboard.Controllers.HomeController.Index (xxx.Dashboard)'
engstats | info: Microsoft.AspNetCore.Hosting.Internal.WebHost[2]
engstats | Request finished in 1.239ms 302
engstats | info: Microsoft.AspNetCore.Server.Kestrel[32]
engstats | Connection id "0HLOEM0HV2CPP", Request id "0HLOEM0HV2CPP:00000001": the application completed without reading the entire request body.
engstats | info: Microsoft.AspNetCore.Hosting.Internal.WebHost[1]
engstats | Request starting HTTP/1.1 POST http://engstats.xxx.com/ application/x-www-form-urlencoded 7503
engstats | info: Microsoft.AspNetCore.Cors.Infrastructure.CorsService[5]
engstats | CORS policy execution failed.
engstats | info: Microsoft.AspNetCore.Cors.Infrastructure.CorsService[6]
engstats | Request origin https://fs.xxx.com does not have permission to access the resource.
engstats | info: Microsoft.AspNetCore.Routing.EndpointMiddleware[0]
engstats | Executing endpoint 'xxx.Dashboard.Controllers.HomeController.Index (xxx.Dashboard)'
engstats | info: Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker[3]
engstats | Route matched with {action = "Index", controller = "Home"}. Executing controller action with signature Microsoft.AspNetCore.Mvc.IActionResult Index() on controller xxx.Dashboard.Controllers.HomeController (xxx.Dashboard).
engstats | info: Microsoft.AspNetCore.Authorization.DefaultAuthorizationService[2]
engstats | Authorization failed.
engstats | info: Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker[3]
engstats | Authorization failed for the request at filter 'Microsoft.AspNetCore.Mvc.Authorization.AuthorizeFilter'.
engstats | info: Microsoft.AspNetCore.Mvc.ChallengeResult[1]
engstats | Executing ChallengeResult with authentication schemes ().
engstats | info: Microsoft.AspNetCore.Authentication.WsFederation.WsFederationHandler[12]
engstats | AuthenticationScheme: WsFederation was challenged.
engstats | info: Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker[2]
engstats | Executed action xxx.Dashboard.Controllers.HomeController.Index (xxx.Dashboard) in 0.4313ms
engstats | info: Microsoft.AspNetCore.Routing.EndpointMiddleware[1]
engstats | Executed endpoint 'xxx.Dashboard.Controllers.HomeController.Index (xxx.Dashboard)'
engstats | info: Microsoft.AspNetCore.Hosting.Internal.WebHost[2]
engstats | Request finished in 0.8877ms 302
engstats | info: Microsoft.AspNetCore.Server.Kestrel[32]
engstats | Connection id "0HLOEM0HV2CPQ", Request id "0HLOEM0HV2CPQ:00000001": the application completed without reading the entire request body.
这是我的 Startup.cs 类的内容:
public class Startup : IStartup
{
/// <summary>
/// Initializes a new instance of the <see cref="Startup"/> class.
/// </summary>
/// <param name="configuration">The current configuration.</param>
public Startup(IConfiguration configuration)
{
this.Configuration = configuration ?? throw new ArgumentNullException(nameof(configuration));
}
/// <summary>
/// Gets the current configuration.
/// </summary>
public IConfiguration Configuration { get; }
/// <summary>
/// Defines the available services for this application.
/// </summary>
/// <param name="services">The list of services to update.</param>
/// <returns>The initialized service provider for the application.</returns>
public IServiceProvider ConfigureServices(IServiceCollection services)
{
string baseUrl = this.Configuration["RootUrl"] ?? "https://localhost:5001";
if (services is null)
{
throw new ArgumentNullException(nameof(services));
}
services.AddCors(options =>
{
options.AddPolicy(
"default",
builder =>
{
builder.WithOrigins(baseUrl);
});
});
services.AddOptions();
services.AddAuthentication(options =>
{
options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
options.DefaultSignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = WsFederationDefaults.AuthenticationScheme;
})
.AddWsFederation(options =>
{
// MetadataAddress represents the Active Directory instance used to authenticate users.
options.MetadataAddress = "https://fs.xxx.com/FederationMetadata/2007-06/FederationMetadata.xml";
// Wtrealm is the app's identifier in the Active Directory instance.
// For ADFS, use the relying party's identifier, its WS-Federation Passive protocol URL:
options.Wtrealm = baseUrl;
})
.AddCookie();
services.AddHttpsRedirection(options => options.RedirectStatusCode = StatusCodes.Status301MovedPermanently);
services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_2);
services.AddSingleton<TeamsService>();
services.AddSonarqubeClient(this.Configuration);
services.AddJiraClient(this.Configuration);
return services.BuildServiceProvider();
}
/// <summary>
/// Configure the HTTP request pipeline and the available services.
/// </summary>
/// <param name="app">The current application builder.</param>
public void Configure(IApplicationBuilder app)
{
if (app is null)
{
throw new ArgumentNullException(nameof(app));
}
IHostingEnvironment env = app.ApplicationServices.GetRequiredService<IHostingEnvironment>();
app.UseExceptionMiddleware();
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
app.UseCors("default");
app.UseAuthentication();
app.UseStaticFiles();
app.UseMvc(routes =>
{
routes.MapRoute(
name: "default",
template: "{controller=Home}/{action=Index}/{id?}");
});
}
}
我添加了 fs 作为公认的核心策略 (builder.WithOrigins),现在日志是:
engstats | info: Microsoft.AspNetCore.Hosting.Internal.WebHost[1]
engstats | Request starting HTTP/1.1 POST http://engstats.xxx.com/ application/x-www-form-urlencoded 7481
engstats | info: Microsoft.AspNetCore.Cors.Infrastructure.CorsService[4]
engstats | CORS policy execution successful.
engstats | info: Microsoft.AspNetCore.Routing.EndpointMiddleware[0]
engstats | Executing endpoint 'xxx.Dashboard.Controllers.HomeController.Index (xxx.Dashboard)'
engstats | info: Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker[3]
engstats | Route matched with {action = "Index", controller = "Home"}. Executing controller action with signature Microsoft.AspNetCore.Mvc.IActionResult Index() on controller xxx.Dashboard.Controllers.HomeController (xxx.Dashboard).
engstats | info: Microsoft.AspNetCore.Authorization.DefaultAuthorizationService[2]
engstats | Authorization failed.
engstats | info: Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker[3]
engstats | Authorization failed for the request at filter 'Microsoft.AspNetCore.Mvc.Authorization.AuthorizeFilter'.
engstats | info: Microsoft.AspNetCore.Mvc.ChallengeResult[1]
engstats | Executing ChallengeResult with authentication schemes ().
engstats | info: Microsoft.AspNetCore.Authentication.WsFederation.WsFederationHandler[12]
engstats | AuthenticationScheme: WsFederation was challenged.
engstats | info: Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker[2]
engstats | Executed action xxx.Dashboard.Controllers.HomeController.Index (xxx.Dashboard) in 0.406ms
engstats | info: Microsoft.AspNetCore.Routing.EndpointMiddleware[1]
engstats | Executed endpoint 'xxx.Dashboard.Controllers.HomeController.Index (xxx.Dashboard)'
engstats | info: Microsoft.AspNetCore.Hosting.Internal.WebHost[2]
engstats | Request finished in 0.8534ms 302
engstats | info: Microsoft.AspNetCore.Server.Kestrel[32]
engstats | Connection id "0HLOEMR97B67V", Request id "0HLOEMR97B67V:00000001": the application completed without reading the entire request body.
我希望能够使用 ADFS 身份验证连接到我的应用程序...
谢谢您帮助我。
问候,
尼古拉斯
我发现了这个问题。在 ADFS 中,依赖方标识符必须是https://engstats.xxx.com//signin-wsfed 在我的 ADFS 配置中
添加/signin-wsfed解决了这个问题
本文收集自互联网,转载请注明来源。
如有侵权,请联系[email protected] 删除。
我来说两句