问题描述
从Azure App Service的页面中,直接跳转到高级管理工具Kudu站点(https://<your app service name>.scm.chinacloudsites.cn/)时,可以自动使用AAD用户(即登录Azure门户的订阅账号),同时,也可以使用App Service的发布账号(如FTP账号和密码)登录,那如何来使用呢?
There are 2 authentication mechanisms.
- Single sign on. This is only available and a default mechanism accessing via browser. User will be authenticated via AAD login.
- Basic Auth usingDeployment-credentials. This is default for non browser - such as curl. However, one can force this mode on browser by appending basicauth such as
.https://mysite.scm.chinacloudsites.cn/basicauth
问题解答
在Azure App Service的门户中,可以在Deployment Center中,查看到Deployment Center中的Local Git/FTPS Credentials项中的UserName和Password。
在获取到上一步的 UserName 和 Password 后,通过 kudu 站点的 basicauth 接口登录它。
具体的操作方式为:
在Kudu站点的url后加/basicauth,在弹出的验证窗口中的输入FTP credentials。
https://<your app service name>.scm.chinacloudsites.cn/basicauth 附录一:禁用Kudu的FTP Credential方式登录(/basicauth), 可以通过Azure Cli的语句,具体如下:
az resource update --resource-group <resource-group> --name scm --namespace Microsoft.Web
--resource-type basicPublishingCredentialsPolicies --parent sites/<site-name>
--set properties.allow=false 参考资料
Accessing the kudu service:https://github.com/projectkudu/kudu/wiki/Accessing-the-kudu-service#authentication--authorization
Disabling basic auth on App Service : https://azure.github.io/AppService/2020/08/10/securing-data-plane-access.html