添加认证静态的Azure网站 [英] Adding authentication to static Azure Website

问题描述

我们有托管静态站点（只是一些HTML，CSS，JavaScript）的，然后我们通过AJAX的Azure移动服务进行通信的Azure的网站调用。

We have an Azure Website hosting a static site (just some HTML, CSS, Javascript), which then communicates with our Azure Mobile Services by AJAX calls.

我们想一些很简单的身份验证添加到这个网站（只是一个静态的用户名/密码就足够了）。

We would like to add some very simple authentication to this site (just a static username/password will be sufficient).

请推荐要做到这一点最简单的方法。

Please recommend the easiest way to do this.

或者可能存在于提供静态内容，然后其他的Azure网站的一些更好的选择？

Or may be there is some better option for serving static content, other then Azure Websites?

推荐答案

一个静态的用户名和密码验证的一个非常简单的形式可以通过利用这篇文章中所描述ASP.NET的身份验证和授权，具有集成的IIS来实现： 应用ASP.NET身份验证和授权规则与IIS 7.0的综合管线功能静态内容。

A very simple form of authentication with a static username and password can be achieved by leveraging ASP.NET's authentication and authorization, integrated with IIS as described in this article: Apply ASP.NET Authentication and Authorization Rules to Static Content with IIS 7.0's Integrated Pipeline Feature.

一个例子此示例GitHub的项目。 code的相关部分，你应该在根目录中放置（这将是公共的）这个Web.config文件：

Se this sample GitHub project for an example. The relevant pieces of code are this Web.config file that you should place in the root directory (which would be public):

<?xml version="1.0"?>
<configuration>
    <system.web>
        <compilation debug="false" />
        <authentication mode="Forms">
            <forms>
                <credentials passwordFormat="Clear">
                    <user name="Alice" password="secret" />
                </credentials>
            </forms>
        </authentication>
        <!-- Unless specified in a sub-folder's Web.config file, 
             any user can access any resource in the site -->
        <authorization>
            <allow users="*" />
        </authorization>
    </system.web>
    <system.webServer>
        <modules>
            <remove name="FormsAuthenticationModule" />
            <add name="FormsAuthenticationModule" type="System.Web.Security.FormsAuthenticationModule" />            
            <remove name="UrlAuthorization" />
            <add name="UrlAuthorization" type="System.Web.Security.UrlAuthorizationModule" />
        </modules>
    </system.webServer>
</configuration>

这Web.config文件，你可以在子目录中放置（这将限制）：

And this Web.config file that you could place in a subdirectory (which would be restricted):

<?xml version="1.0"?>
<configuration>
    <system.web>
        <!-- Anonymous users are denied access to this folder (and its subfolders) -->
        <authorization>
            <deny users="?" />
        </authorization>
    </system.web>
</configuration>

您还需要的Login.aspx 与HTML表单和服务器端的认证文件逻辑。见的Login.aspx为例子的示例项目。

You also need a Login.aspx file with the HTML form and server-side authentication logic. See the Login.aspx in the sample project for an example.

这样你就可以在子目录举办的根级公共文件和私人文件。如果你想保护，即使根级别，只需调整相应的授权规则。

This way you would be able to host both public files at root level and private files at subdirectories. If you want to protect even the root level, just adjust the authorization rules accordingly.

有关配置选项的文档查看这些网页MSDN：

For documentation on configuration options see these MSDN pages:

• 授权元素（ASP.NET设置架构）


• 允许元素进行授权（ASP.NET设置架构）


• 否认元素进行授权（ASP.NET设置架构）

• authorization Element (ASP.NET Settings Schema)
• allow Element for authorization (ASP.NET Settings Schema)
• deny Element for authorization (ASP.NET Settings Schema)

这篇关于添加认证静态的Azure网站的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！