https://stackoverflow.com/questions/22362631
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russianyou need to add the "runAllManagedModuleForAllRequests=true" to the modules section in system.webServer.
Otherwise the FAM/SAM will not kick in for static files.
WIF and IIS file security
Pregunta
I think I'm missing something obvious, but with WIF configured, I can directly access files on my web site. E.g., https://mysite.com/MyWifApplication/ArbitraryFile.pdf is accessible without hitting my STS for credentials.
In web.config, I have the typical
<authorization>
<deny users="?" />
</authorization>
However, I am not challenged for authentication.
Please tell me I'm just missing something dumb.
Thanks!
Solución
Licenciado bajo: CC-BY-SA con atribución
No afiliado a StackOverflow
