调试时身份验证成功,但是在Azure App Service上失败 [英] Authentication Succeeds when Debugging but Fails on Azure App Service
问题描述
我只是使用以下方法使用CSOM从SharePoint中获取一些用户.这一直对我有用,而且我没有任何问题.
I am simply getting some users from SharePoint using CSOM using the below method. This has always worked for me and I've had no issues.
突然之间,当我今天尝试调用此方法时,它因该错误而失败
All of a sudden, when I try calling this method today it fails with this error
The sign-in name or password does not match one in the Microsoft account system.
at Microsoft.SharePoint.Client.Idcrl.IdcrlAuth.GetServiceToken(String securityXml, String serviceTarget, String servicePolicy)
at Microsoft.SharePoint.Client.Idcrl.IdcrlAuth.GetServiceToken(String username, String password, String serviceTarget, String servicePolicy)
at Microsoft.SharePoint.Client.Idcrl.SharePointOnlineAuthenticationProvider.GetAuthenticationCookie(Uri url, String username, SecureString password, Boolean alwaysThrowOnFailure, EventHandler`1 executingWebRequest)
at Microsoft.SharePoint.Client.SharePointOnlineCredentials.GetAuthenticationCookie(Uri url, Boolean refresh, Boolean alwaysThrowOnFailure)
at Microsoft.SharePoint.Client.ClientRuntimeContext.SetupRequestCredential(ClientRuntimeContext context, HttpWebRequest request)
at Microsoft.SharePoint.Client.SPWebRequestExecutor.GetRequestStream()
at Microsoft.SharePoint.Client.ClientContext.GetFormDigestInfoPrivate()
at Microsoft.SharePoint.Client.ClientContext.EnsureFormDigest()
at Microsoft.SharePoint.Client.ClientContext.ExecuteQuery()
at SharePointLibrary.SPClient.GetAllUsers() in C:\Users\bassie\source\repos\TFS\ADVWKSP\SharePointLibrary\SPClientUsers.cs:line 39
但是它只有在发布到Azure后才会失败.
我已经记录了用于Azure应用程序流的用户名和密码,它们绝对正确,并且与在我的计算机上调试时使用的用户名和密码相同.
I have logged the username and password being used to the Azure applications streams, and they are definitely correct, and the same ones being used when debugging on my machine.
这怎么可能?我要疯了吗?
How is this possible? Am I going crazy?
构造函数
public SPClient(string url)
{
baseUrl = url;
var userName = ConfigurationManager.ConnectionStrings["SPsvcUsername"].ConnectionString;
var password = ConfigurationManager.ConnectionStrings["SPsvcPassword"].ConnectionString;
Trace.TraceInformation(userName);
Trace.TraceInformation(password);
var securePassword = new SecureString();
foreach (var c in password)
{
securePassword.AppendChar(c);
}
credentials = new SharePointOnlineCredentials(userName, securePassword);
}
获取用户方法
public IEnumerable<SharePointUser> GetAllUsers()
{
var spUsers = new List<SharePointUser>();
using (var clientContext = new ClientContext(baseUrl))
{
clientContext.Credentials = credentials;
var web = clientContext.Web;
var list = clientContext.Web.SiteUserInfoList;
var users = list.GetItems(new CamlQuery());
clientContext.Load(users, includes => includes.Include(
f => f["GUID"],
f => f["FirstName"],
f => f["LastName"],
f => f["UserName"],
f => f["Picture"],
f => f.DisplayName));
clientContext.ExecuteQuery();
foreach (var user in users)
{
var imagePath = (FieldUrlValue)user.FieldValues["Picture"];
spUsers.Add(new SharePointUser()
{
FirstName = (user.FieldValues["FirstName"] is string firstName) ? firstName : string.Empty,
LastName = (user.FieldValues["LastName"] is string lastName) ? lastName : string.Empty,
UserName = (user.FieldValues["UserName"] is string userName) ? userName.ToLower() : string.Empty,
ImagePath = (user.FieldValues["Picture"] is FieldUrl pictureUrl) ? pictureUrl.ToString() : string.Empty,
DisplayName = user.DisplayName
});
}
}
return spUsers;
}
推荐答案
由于凭据正确,因此可能启用了多重身份验证,并且某个策略可能为此帐户触发了它.在这种情况下,您可以为该特定帐户禁用MFA.
Since the credentials are correct, it may be that Multi-Factor Authentication is enabled and a policy may be triggering it for this account. If that is the case, you could disable MFA for that specific account.
此外,作为 PnP核心库一部分的AuthenticationManager类可能是有益的,因为对于各种身份验证方案都是有帮助的.
Also, the AuthenticationManager class that is part of the PnP Core library may be beneficial as it is helpful for various authentication scenarios.
这篇关于调试时身份验证成功,但是在Azure App Service上失败的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
