调试时身份验证成功但在 Azure 应用服务上失败 [英] Authentication Succeeds when Debugging but Fails on Azure App Service
问题描述
我只是通过以下方法使用 CSOM 从 SharePoint 获取一些用户.这一直对我有用,我没有遇到任何问题.
I am simply getting some users from SharePoint using CSOM using the below method. This has always worked for me and I've had no issues.
突然间,当我今天尝试调用此方法时,它因此错误而失败
All of a sudden, when I try calling this method today it fails with this error
The sign-in name or password does not match one in the Microsoft account system.
at Microsoft.SharePoint.Client.Idcrl.IdcrlAuth.GetServiceToken(String securityXml, String serviceTarget, String servicePolicy)
at Microsoft.SharePoint.Client.Idcrl.IdcrlAuth.GetServiceToken(String username, String password, String serviceTarget, String servicePolicy)
at Microsoft.SharePoint.Client.Idcrl.SharePointOnlineAuthenticationProvider.GetAuthenticationCookie(Uri url, String username, SecureString password, Boolean alwaysThrowOnFailure, EventHandler`1 executingWebRequest)
at Microsoft.SharePoint.Client.SharePointOnlineCredentials.GetAuthenticationCookie(Uri url, Boolean refresh, Boolean alwaysThrowOnFailure)
at Microsoft.SharePoint.Client.ClientRuntimeContext.SetupRequestCredential(ClientRuntimeContext context, HttpWebRequest request)
at Microsoft.SharePoint.Client.SPWebRequestExecutor.GetRequestStream()
at Microsoft.SharePoint.Client.ClientContext.GetFormDigestInfoPrivate()
at Microsoft.SharePoint.Client.ClientContext.EnsureFormDigest()
at Microsoft.SharePoint.Client.ClientContext.ExecuteQuery()
at SharePointLibrary.SPClient.GetAllUsers() in C:Usersassiesource
eposTFSADVWKSPSharePointLibrarySPClientUsers.cs:line 39
但只有在发布到 Azure 后才会失败.
我已经记录了用于 Azure 应用程序流的用户名和密码,它们绝对正确,并且与在我的机器上调试时使用的相同.
I have logged the username and password being used to the Azure applications streams, and they are definitely correct, and the same ones being used when debugging on my machine.
这怎么可能?我要疯了吗?
How is this possible? Am I going crazy?
构造函数
public SPClient(string url)
{
baseUrl = url;
var userName = ConfigurationManager.ConnectionStrings["SPsvcUsername"].ConnectionString;
var password = ConfigurationManager.ConnectionStrings["SPsvcPassword"].ConnectionString;
Trace.TraceInformation(userName);
Trace.TraceInformation(password);
var securePassword = new SecureString();
foreach (var c in password)
{
securePassword.AppendChar(c);
}
credentials = new SharePointOnlineCredentials(userName, securePassword);
}
获取用户方法
public IEnumerable<SharePointUser> GetAllUsers()
{
var spUsers = new List<SharePointUser>();
using (var clientContext = new ClientContext(baseUrl))
{
clientContext.Credentials = credentials;
var web = clientContext.Web;
var list = clientContext.Web.SiteUserInfoList;
var users = list.GetItems(new CamlQuery());
clientContext.Load(users, includes => includes.Include(
f => f["GUID"],
f => f["FirstName"],
f => f["LastName"],
f => f["UserName"],
f => f["Picture"],
f => f.DisplayName));
clientContext.ExecuteQuery();
foreach (var user in users)
{
var imagePath = (FieldUrlValue)user.FieldValues["Picture"];
spUsers.Add(new SharePointUser()
{
FirstName = (user.FieldValues["FirstName"] is string firstName) ? firstName : string.Empty,
LastName = (user.FieldValues["LastName"] is string lastName) ? lastName : string.Empty,
UserName = (user.FieldValues["UserName"] is string userName) ? userName.ToLower() : string.Empty,
ImagePath = (user.FieldValues["Picture"] is FieldUrl pictureUrl) ? pictureUrl.ToString() : string.Empty,
DisplayName = user.DisplayName
});
}
}
return spUsers;
}
推荐答案
由于凭据正确,可能启用了多重身份验证并且策略可能会为此帐户触发它.如果是这种情况,您可以为该特定帐户禁用 MFA.
Since the credentials are correct, it may be that Multi-Factor Authentication is enabled and a policy may be triggering it for this account. If that is the case, you could disable MFA for that specific account.
此外,作为 PnP 核心库 一部分的 AuthenticationManager 类可能是有益的,因为它有助于各种身份验证场景.
Also, the AuthenticationManager class that is part of the PnP Core library may be beneficial as it is helpful for various authentication scenarios.
这篇关于调试时身份验证成功但在 Azure 应用服务上失败的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
