我如何prevent ASP.NET无法登录身份验证失败？ [英] How do I prevent ASP.NET from logging authentication failures?

问题描述

我的Windows Azure的Web角色的ASP.NET MVC应用服务上的一些路线的REST API请求，这些路由要求的基本身份验证。客户端程序经常无法验证 - 他们大多是在所调试的中间 - 等身份验证失败的现象相当普遍。对于每一个事件，我得到了创纪录这样在应用程序的日志（通过事件查看器访问或 System.Diagnostics.EventLog 类）

My Windows Azure web role ASP.NET MVC application serves REST API requests on some of the routes and those routes require "basic" authentication. Client programs often fail to authenticate - most of them are in the middle of being debugged - and so authentication failures are quite common. For every event I get a record like this in the Application log (accessible via Event Viewer or System.Diagnostics.EventLog class)

Date and Time Here (ASP.NET 4.0.30319.0): Event code: 100001
Event message: Authentication failure
Event time: Date and time
Event time (UTC): UTC date and time
// lots of information follows

我敢肯定，我永远不会看这些消息，写他们消耗了一些服务的CPU时间和IO带宽的虚拟机。

I'm sure I'll never read those messages and writing them consumes some CPU time and IO bandwidth on the service VMs.

我如何得到这些失败没有登录？

How do I get those failures not logged?

推荐答案

此行​​为是使用配置的＆LT;的System.Web＆GT;＆LT; healthMonitoring＆GT; 的元素的web.config 。 默认行为是记录所有未处理异常和验证失败到应用程序事件日志。这里有两种规矩 - 一个是前者，一个用于后者

This behavior is configured using <system.web><healthMonitoring> element in web.config. The default behavior is logging all unhandled exceptions and authentication failures to Application event log. There're two "rules" - one for the former and one for the latter.

所以我只是说这样的：

<healthMonitoring>
  <rules>
    <clear />
  </rules>
</healthMonitoring>

这使得这些默认规则消失，问题就解决了​​我。请注意，这也消除了登录，我不需要任何未处理的异常规则。

which made those default rules disappear and the problem is solved for me. Note that this also removes the rule for logging unhandled exceptions which I don't need either.

这篇关于我如何prevent ASP.NET无法登录身份验证失败？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！