Я делаю реализацию единого входа с WIF для своего приложения на IIS.
Меня попросили добавить страницу Default.aspx со ссылкой на страницу входа (и так далее на страницу входа в систему единого входа).
Для этого я следую документации, предоставленной мне для этой реализации, и добавил два тега пути к местоположению в веб-конфигурацию.
Это теги, которые я добавил (следуя документации):
<location path="Default.aspx">
<system.web>
<authorization>
<allow users="?" />
</authorization>
</system.web>
</location>
<location path="WebResource.axd">
<system.web>
<authorization>
<allow users="?" />
</authorization>
</system.web>
</location>
Вот полный веб-конфиг, запрошенный в комментарии:
<configuration>
<configSections>
<sectionGroup name="devExpress">
<section name="compression" type="DevExpress.Web.CompressionConfigurationSection, DevExpress.Web.v17.1, Version=17.1.6.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" requirePermission="false" />
<section name="themes" type="DevExpress.Web.ThemesConfigurationSection, DevExpress.Web.v17.1, Version=17.1.6.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" requirePermission="false" />
<section name="errors" type="DevExpress.Web.ErrorsConfigurationSection, DevExpress.Web.v17.1, Version=17.1.6.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" requirePermission="false" />
<section name="settings" type="DevExpress.Web.SettingsConfigurationSection, DevExpress.Web.v17.1, Version=17.1.6.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" requirePermission="false" />
<section name="resources" type="DevExpress.Web.ResourcesConfigurationSection, DevExpress.Web.v17.1, Version=17.1.6.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" requirePermission="false" />
</sectionGroup>
<section name="microsoft.identityModel" type="Microsoft.IdentityModel.Configuration.MicrosoftIdentityModelSection, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
</configSections>
<connectionStrings>
<add name="AppNameConnectionString" connectionString="Data Source=DataSourceName;Initial Catalog=CatalogName;Persist Security Info=True;User ID=User;Password=Password" providerName="System.Data.SqlClient" />
</connectionStrings>
<appSettings>
<add key="DbNetSuiteLicenseKey" value="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" />
<!--<add key="DbNetSuiteSymmetricKeyName" value="" />
<add key="DbNetSuiteCertificateName" value="" />-->
<add key="FederationMetadataLocation" value="https://metadatalink/FederationMetadata/2007-06/FederationMetadata.xml" />
</appSettings>
<location path="FederationMetadata">
<system.web>
<authorization>
<allow users="*" />
</authorization>
</system.web>
</location>
<location path="Default.aspx">
<system.web>
<authorization>
<allow users="?"/>
</authorization>
</system.web>
</location>
<location path="WebResource.axd">
<system.web>
<authorization>
<allow users="?"/>
</authorization>
</system.web>
</location>
<system.web>
<authorization>
<deny users="?" />
</authorization>
<authentication mode="None" />
<httpRuntime executionTimeout="600" />
<customErrors mode="Off" />
<pages styleSheetTheme="AppName" validateRequest="false" controlRenderingCompatibilityVersion="3.5" clientIDMode="AutoID">
<controls>
<add tagPrefix="dx" namespace="DevExpress.Web.ASPxHtmlEditor" assembly="DevExpress.Web.ASPxHtmlEditor.v17.1" />
<add tagPrefix="dx" namespace="DevExpress.Web" assembly="DevExpress.Web.v17.1, Version=17.1.6.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add tagPrefix="lc" namespace="Lightcode.Framework.Presentation.Web.UI.Blocks" assembly="Framework.Presentation.Web" />
</controls>
</pages>
<!--
Set compilation debug="true" to insert debugging
symbols into the compiled page. Because this
affects performance, set this value to true only
during development.
-->
<compilation debug="true" targetFramework="4.0">
<assemblies>
<add assembly="DevExpress.Web.v17.1, Version=17.1.6.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add assembly="DevExpress.Printing.v17.1.Core, Version=17.1.6.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add assembly="DevExpress.Data.v17.1, Version=17.1.6.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add assembly="DevExpress.Web.ASPxSpellChecker.v17.1, Version=17.1.6.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add assembly="DevExpress.SpellChecker.v17.1.Core, Version=17.1.6.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add assembly="DevExpress.XtraCharts.v17.1.Web, Version=17.1.6.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add assembly="DevExpress.XtraCharts.v17.1, Version=17.1.6.0, Culture=neutral, PublicKeyToken=B88D1754D700E49A" />
<add assembly="DevExpress.Charts.v17.1.Core, Version=17.1.6.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add assembly="DevExpress.Web.ASPxHtmlEditor.v17.1, Version=17.1.6.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add assembly="System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add assembly="System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add assembly="System.Design, Version=4.0.0.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add assembly="System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add assembly="System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add assembly="System.Configuration, Version=4.0.0.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add assembly="System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add assembly="System.Xml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add assembly="System.Data, Version=4.0.0.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add assembly="System.Web.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add assembly="System.DirectoryServices, Version=4.0.0.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add assembly="System.DirectoryServices.Protocols, Version=4.0.0.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add assembly="System.EnterpriseServices, Version=4.0.0.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add assembly="System.ServiceProcess, Version=4.0.0.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add assembly="System.Web.RegularExpressions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add assembly="DevExpress.RichEdit.v17.1.Core, Version=17.1.6.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add assembly="DevExpress.Web.ASPxThemes.v17.1, Version=17.1.6.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add assembly="DevExpress.Web.ASPxScheduler.v17.1, Version=17.1.6.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add assembly="DevExpress.XtraScheduler.v17.1.Core, Version=17.1.6.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add assembly="DevExpress.Web.v17.1, Version=17.1.6.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add assembly="DevExpress.Data.v17.1, Version=17.1.6.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add assembly="Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
</assemblies>
</compilation>
<httpModules>
<add name="ASPxHttpHandlerModule" type="DevExpress.Web.ASPxHttpHandlerModule, DevExpress.Web.v17.1, Version=17.1.6.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add name="ScriptModule" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add name="WSFederationAuthenticationModule" type="Microsoft.IdentityModel.Web.WSFederationAuthenticationModule, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add name="SessionAuthenticationModule" type="Microsoft.IdentityModel.Web.SessionAuthenticationModule, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
</httpModules>
<globalization culture="it-IT" uiCulture="it-IT" />
<httpHandlers>
<add verb="GET,POST" path="ASPxUploadProgressHandlerPage.ashx" type="DevExpress.Web.ASPxUploadProgressHttpHandler, DevExpress.Web.v17.1, Version=17.1.6.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add type="DevExpress.Web.ASPxHttpHandlerModule, DevExpress.Web.v17.1, Version=17.1.6.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" verb="GET,POST" path="DX.ashx" validate="false" />
</httpHandlers>
<webServices>
<protocols>
<add name="HttpGet" />
<add name="HttpPost" />
</protocols>
</webServices>
</system.web>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true">
<add name="ASPxHttpHandlerModule" type="DevExpress.Web.ASPxHttpHandlerModule, DevExpress.Web.v17.1, Version=17.1.6.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add name="ScriptModule" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<add name="WSFederationAuthenticationModule" type="Microsoft.IdentityModel.Web.WSFederationAuthenticationModule, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" preCondition="managedHandler" />
<add name="SessionAuthenticationModule" type="Microsoft.IdentityModel.Web.SessionAuthenticationModule, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" preCondition="managedHandler" />
</modules>
<validation validateIntegratedModeConfiguration="false" />
<handlers>
<add type="DevExpress.Web.ASPxHttpHandlerModule, DevExpress.Web.v17.1, Version=17.1.6.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" verb="GET,POST" path="DX.ashx" name="ASPxHttpHandlerModule" preCondition="integratedMode" />
<add name="ASPxUploadProgressHandler" preCondition="integratedMode" verb="GET,POST" path="ASPxUploadProgressHandlerPage.ashx" type="DevExpress.Web.ASPxUploadProgressHttpHandler, DevExpress.Web.v17.1, Version=17.1.6.0, Culture=neutral, PublicKeyToken=xxxxxxxxx" />
<!--Modifica Fabio-->
<add name="dbnetgrid_ashx" verb="*" path="dbnetgrid.ashx" type="DbNetLink.DbNetSuite.DbNetGrid" />
<add name="dbnetedit_ashx" verb="*" path="dbnetedit.ashx" type="DbNetLink.DbNetSuite.DbNetEdit" />
<add name="dbnetfile_ashx" verb="*" path="dbnetfile.ashx" type="DbNetLink.DbNetSuite.DbNetFile" />
<add name="dbnetspell_ashx" verb="*" path="dbnetspell.ashx" type="DbNetLink.DbNetSuite.DbNetSpell" />
<add name="dbnetcombo_ashx" verb="*" path="dbnetcombo.ashx" type="DbNetLink.DbNetSuite.DbNetCombo" />
<add name="dbnetlist_ashx" verb="*" path="dbnetlist.ashx" type="DbNetLink.DbNetSuite.DbNetList" />
<add name="dbnetsuite_js_ashx" verb="*" path="dbnetsuite.js.ashx" type="DbNetLink.DbNetSuite.JS" />
<add name="dbnetsuite_css_ashx" verb="*" path="dbnetsuite.css.ashx" type="DbNetLink.DbNetSuite.CSS" />
</handlers>
</system.webServer>
<devExpress>
<compression enableHtmlCompression="false" enableCallbackCompression="true" enableResourceCompression="true" enableResourceMerging="false" />
<errors callbackErrorRedirectUrl="" />
<themes enableThemesAssembly="true" styleSheetTheme="" theme="" customThemeAssemblies="" baseColor="" font="" />
<settings doctypeMode="Xhtml" rightToLeft="false" embedRequiredClientLibraries="false" ieCompatibilityVersion="8" accessibilityCompliant="false" bootstrapMode="Bootstrap3" checkReferencesToExternalScripts="true" protectControlState="true" />
</devExpress>
<microsoft.identityModel>
<service>
<audienceUris>
<add value="https://server/AppName/Login.aspx" />
</audienceUris>
<federatedAuthentication>
<wsFederation passiveRedirectEnabled="true" issuer="https://idptest/adfs/ls/" realm="https://server/AppName/Login.aspx" requireHttps="true" />
<cookieHandler requireSsl="true" />
</federatedAuthentication>
<serviceCertificate>
<certificateReference x509FindType="FindByThumbprint" findValue="XXXXXXXXXXXXXXXXXXXXXXXXXXXX" storeLocation="LocalMachine" storeName="My" />
</serviceCertificate>
<applicationService>
<claimTypeRequired>
<!--Following are the claims offered by STS 'http://idptest/adfs/services/trust'. Add or uncomment claims that you require by your application and then update the federation metadata of this application.-->
<claimType type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" optional="true" />
<claimType type="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" optional="true" />
<!--<claimType type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" optional="true" />-->
<!--<claimType type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" optional="true" />-->
<!--<claimType type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" optional="true" />-->
<!--<claimType type="http://schemas.xmlsoap.org/claims/CommonName" optional="true" />-->
<!--<claimType type="http://schemas.xmlsoap.org/claims/EmailAddress" optional="true" />-->
<!--<claimType type="http://schemas.xmlsoap.org/claims/Group" optional="true" />-->
<!--<claimType type="http://schemas.xmlsoap.org/claims/UPN" optional="true" />-->
<!--<claimType type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" optional="true" />-->
<!--<claimType type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" optional="true" />-->
<!--<claimType type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" optional="true" />-->
<!--<claimType type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/01/devicecontext/claims/isregistereduser" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/01/devicecontext/claims/identifier" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/01/devicecontext/claims/registrationid" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/01/devicecontext/claims/displayname" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/01/devicecontext/claims/ostype" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/01/devicecontext/claims/osversion" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/01/devicecontext/claims/ismanaged" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-application" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-user-agent" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-ip" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-endpoint-absolute-path" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/01/requestcontext/claims/relyingpartytrustid" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/12/certificatecontext/extension/applicationpolicy" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/12/certificatecontext/extension/authoritykeyidentifier" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/12/certificatecontext/extension/basicconstraints" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/12/certificatecontext/extension/eku" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuer" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/12/certificatecontext/field/issuername" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/12/certificatecontext/extension/keyusage" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/12/certificatecontext/field/notafter" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/12/certificatecontext/field/notbefore" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatepolicy" optional="true" />-->
<!--<claimType type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/rsa" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/12/certificatecontext/field/rawdata" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/12/certificatecontext/extension/san" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/ws/2008/06/identity/claims/serialnumber" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/12/certificatecontext/field/signaturealgorithm" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/12/certificatecontext/field/subject" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/12/certificatecontext/extension/subjectkeyidentifier" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/12/certificatecontext/field/subjectname" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplateinformation" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplatename" optional="true" />-->
<!--<claimType type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/thumbprint" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/12/certificatecontext/field/x509version" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/ws/2012/01/insidecorporatenetwork" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/ws/2012/01/passwordexpirationtime" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/ws/2012/01/passwordexpirationdays" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/ws/2012/01/passwordchangeurl" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/claims/authnmethodsreferences" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/2012/01/requestcontext/claims/client-request-id" optional="true" />-->
<!--<claimType type="http://schemas.microsoft.com/ws/2013/11/alternateloginid" optional="true" />-->
</claimTypeRequired>
</applicationService>
<certificateValidation certificateValidationMode="None" />
<issuerNameRegistry type="Microsoft.IdentityModel.Tokens.ConfigurationBasedIssuerNameRegistry, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=xxxxxxxxx">
<trustedIssuers>
<add thumbprint="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" name="http://idptest/adfs/services/trust" />
</trustedIssuers>
</issuerNameRegistry>
</service>
</microsoft.identityModel>
</configuration>
Когда я пытаюсь добраться до приложения, я получаю сообщение об ошибке «Нераспознанный элемент» в первом теге местоположения (Default.aspx).
Я не очень практиковался в подобных вещах, поэтому я не уверен, может ли быть проблема в настройке IIS, которая отсутствует, или что-то отсутствует в веб-конфигурации, или что-то еще.
Снимок сообщения об ошибке