应用服务 -> Azure SQL 数据库使用托管标识。奇怪的异常
App Service -> Azure SQL DB using a managed identity. Strange exception
我正在尝试使用托管标识建立从我的应用服务到 Azure SQL 数据库的连接。
我正在使用本教程
https://docs.microsoft.com/en-us/azure/app-service/app-service-web-tutorial-connect-msi
但是当我的应用程序尝试连接到数据库时,它会异常中断
One or more errors occurred.;
INNER EXCEPTION 1: One or more errors occurred.;
INNER EXCEPTION 2: Parameters: Connection String: [No connection string specified], Resource: https://database.windows.net/, Authority: https://login.windows.net/B0BBBC89-2041-434F-8618-BC081A1A01D4. Exception Message: Tried the following 4 methods to get an access token, but none of them worked.
Parameters: Connection String: [No connection string specified], Resource: https://database.windows.net/, Authority: https://login.windows.net/B0BBBC89-2041-434F-8618-BC081A1A01D4. Exception Message: Tried to get token using Managed Service Identity. Access token could not be acquired. Received a non-retryable error. MSI ResponseCode: BadRequest, Response: {\"StatusCode\":400,\"Message\":\"No MSI found for specified ClientId/ResourceId.\",\"CorrelationId\":\"ad10102e-dd69-479e-b9f5-29b9a3248983\"}
Parameters: Connection String: [No connection string specified], Resource: https://database.windows.net/, Authority: https://login.windows.net/B0BBBC89-2041-434F-8618-BC081A1A01D4. Exception Message: Tried to get token using Visual Studio. Access token could not be acquired. Visual Studio Token provider file not found at \"D:\local\LocalAppData\.IdentityService\AzureServiceAuth\tokenprovider.json\"
Parameters: Connection String: [No connection string specified], Resource: https://database.windows.net/, Authority: https://login.windows.net/B0BBBC89-2041-434F-8618-BC081A1A01D4. Exception Message: Tried to get token using Azure CLI. Access token could not be acquired. 'az' is not recognized as an internal or external command, operable program or batch file.
Parameters: Connection String: [No connection string specified], Resource: https://database.windows.net/, Authority: https://login.windows.net/B0BBBC89-2041-434F-8618-BC081A1A01D4. Exception Message: Tried to get token using Active Directory Integrated Authentication. Access token could not be acquired. Failed to get user name from the operating system.
有谁知道去哪里找原因吗?
我们了解问题所在。
本文涉及系统分配的托管标识。我们使用用户分配的托管身份。
应用服务未正确配置。
在标识选项卡上,有必要添加一个可以访问数据库的用户帐户。
在配置选项卡上,有必要添加一个键
AzureServicesAuthConnectionString=RunAs=App;AppId={Guid of db user}
我正在尝试使用托管标识建立从我的应用服务到 Azure SQL 数据库的连接。 我正在使用本教程 https://docs.microsoft.com/en-us/azure/app-service/app-service-web-tutorial-connect-msi 但是当我的应用程序尝试连接到数据库时,它会异常中断
One or more errors occurred.;
INNER EXCEPTION 1: One or more errors occurred.;
INNER EXCEPTION 2: Parameters: Connection String: [No connection string specified], Resource: https://database.windows.net/, Authority: https://login.windows.net/B0BBBC89-2041-434F-8618-BC081A1A01D4. Exception Message: Tried the following 4 methods to get an access token, but none of them worked.
Parameters: Connection String: [No connection string specified], Resource: https://database.windows.net/, Authority: https://login.windows.net/B0BBBC89-2041-434F-8618-BC081A1A01D4. Exception Message: Tried to get token using Managed Service Identity. Access token could not be acquired. Received a non-retryable error. MSI ResponseCode: BadRequest, Response: {\"StatusCode\":400,\"Message\":\"No MSI found for specified ClientId/ResourceId.\",\"CorrelationId\":\"ad10102e-dd69-479e-b9f5-29b9a3248983\"}
Parameters: Connection String: [No connection string specified], Resource: https://database.windows.net/, Authority: https://login.windows.net/B0BBBC89-2041-434F-8618-BC081A1A01D4. Exception Message: Tried to get token using Visual Studio. Access token could not be acquired. Visual Studio Token provider file not found at \"D:\local\LocalAppData\.IdentityService\AzureServiceAuth\tokenprovider.json\"
Parameters: Connection String: [No connection string specified], Resource: https://database.windows.net/, Authority: https://login.windows.net/B0BBBC89-2041-434F-8618-BC081A1A01D4. Exception Message: Tried to get token using Azure CLI. Access token could not be acquired. 'az' is not recognized as an internal or external command, operable program or batch file.
Parameters: Connection String: [No connection string specified], Resource: https://database.windows.net/, Authority: https://login.windows.net/B0BBBC89-2041-434F-8618-BC081A1A01D4. Exception Message: Tried to get token using Active Directory Integrated Authentication. Access token could not be acquired. Failed to get user name from the operating system.
有谁知道去哪里找原因吗?
我们了解问题所在。 本文涉及系统分配的托管标识。我们使用用户分配的托管身份。 应用服务未正确配置。 在标识选项卡上,有必要添加一个可以访问数据库的用户帐户。 在配置选项卡上,有必要添加一个键
AzureServicesAuthConnectionString=RunAs=App;AppId={Guid of db user}