在web.config中添加角色 [英] Add role in web.config
问题描述
我有一个如下所示的web.config:
<配置>
< system.web>
<授权>
<允许角色="skaredom \ se-eos用户"/>
< deny users ="*"/>
</授权>
</system.web>
</configuration> 这是在内部运行的,但是现在我希望它在Azure中运行.我有一个Azure网站,可在其中将允许角色更改为< allow user ="myemail.address@skaredom.com". (实际上,我必须在本地时从skaredom \ myaccount更改此设置).但当 添加skaredom \ se-eos用户组将无法正常工作.
关于我的网络/Azure工作人员,他们已将特定组的同步添加到Azure AD.
所以它应该与此类似吗?我应该将名称更改为"FQDN"吗?地址,例如se-eos-users@skaredom.com或类似地址?组/角色是否有FQDN名称?如果是这样,该使用组名称中的空格怎么办?
最诚挚的问候
/马格努斯
Magnus Burk
你好Magnus,
我不确定Azure上是否不再支持此方法.您是否考虑过使用内置 App Services 身份验证?
否则,我们会有一些 .NET来管理用户声明的示例.
Hi,
I have a web.config that looks like this:
<configuration>
<system.web>
<authorization>
<allow roles="skaredom\se-eos users"/>
<deny users="*"/>
</authorization>
</system.web>
</configuration>This works on premise, but now I want it to work in Azure. I have an Azure web site where it works to change allow roles to <allow user="myemail.address@skaredom.com" (actually I had to change this from skaredom\myaccount when onprem). But when adding the skaredom\se-eos users group it won't work.
Regarding my network/Azure guys at work, they have added a synchronization of that specific group to Azure AD.
So should it work similar to this? Should I change the name to a "FQDN" address, as se-eos-users@skaredom.com or similar? Is there a FQDN name for groups/roles? If so, what to do with the space in the group name?
Best regards
/Magnus
Magnus Burk
Hello Magnus,
I'm not so sure this method is supported anymore on Azure. Have you considered using the built-in App Services authentication?
Otherwise, we have some examples of utilizing .NET to manage user claims.
这篇关于在web.config中添加角色的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
