I'm trying to move our site from a II开发者_开发知识库S6 to IIS7 and have a problem we're using ADFS for and in IIS6 the setup looks something like:
<sectionGroup name="system.web">
<section name="websso"
type="System.Web.Security.SingleSignOn.WebSsoConfigurationHandler,
System.Web.Security.SingleSignOn,
Version=1.0.0.0,
Culture=neutral,
PublicKeyToken=31bf3856ad364e35,
Custom=null" />
</sectionGroup>
<roleManager defaultProvider="SingleSignOnRoleProvider2" enabled="true">
<providers>
<add name="SingleSignOnRoleProvider2"
type="System.Web.Security.SingleSignOn.SingleSignOnRoleProvider2,
System.Web.Security.SingleSignOn.PartialTrust,
Version=1.0.0.0,
Culture=neutral,
PublicKeyToken=31bf3856ad364e35" />
</providers>
</roleManager>
<websso>
<authenticationrequired />
<auditlevel>255</auditlevel>
<cookies writecookies="true">
<path>/</path>
</cookies>
<urls>
<returnurl>https://siteurl</returnurl>
</urls>
<fs>https://serviceurl</fs>
<isNonInteractiveClientApp />
</websso>
So I thought the trick would be to do:
<sectionGroup name="system.webServer">
<section name="websso"
type="System.Web.Security.SingleSignOn.WebSsoConfigurationHandler,
System.Web.Security.SingleSignOn,
Version=1.0.0.0,
Culture=neutral,
PublicKeyToken=31bf3856ad364e35,
Custom=null" />
</sectionGroup>
and copy the rest into system.webServer instead of system.web. However the sectionGroup with system.webServer is not allowed (group already defined) and adding the websso or rolemanager fails.
Any ideas on how to configure ADFS under IIS7 integrated mode?
The configuration section should not move. All this does is pass configuration into the ADFS module. Do you have the ADFS http module configured in your web or machine config? If so that will need to move to the web.server section. I've also seen issues with the ADFS module not working well in intergrated mode, so it might be good to try classic if you can.
精彩评论