我严格按照这个文档上的步骤进行操作,但在保存策略编辑器“入站处理”和代码视图按钮“</>”时出现了这个错误:
One or more fields contain incorrect values:
Error in element 'cors' on line 2, column 5: Policy section is not allowed in the specified scope
Error in element 'validate-jwt' on line 16, column 5: Policy section is not allowed in the specified scope
Error in element 'rate-limit-by-key' on line 24, column 5: Policy section is not allowed in the specified scope代码如下:
<inbound>
<cors allow-credentials="true">
<allowed-origins>
<origin>https://devjohn1.z11.web.core.windows.net/</origin>
</allowed-origins>
<allowed-methods preflight-result-max-age="120">
<method>GET</method>
</allowed-methods>
<allowed-headers>
<header>*</header>
</allowed-headers>
<expose-headers>
<header>*</header>
</expose-headers>
</cors>
<validate-jwt header-name="Authorization" failed-validation-httpcode="401" failed-validation-error-message="Unauthorized. Access token is missing or invalid." require-expiration-time="true" require-signed-tokens="true" clock-skew="300">
<openid-config url="https://devjohn1.b2clogin.com/devjohn1.onmicrosoft.com/v2.0/.well-known/openid-configuration?p=B2C_1_myapp_frontend_devjohn1_signupandsignin" />
<required-claims>
<claim name="aud">
<value>56f39849-19eb-49d6-qweqw-123123123</value>
</claim>
</required-claims>
</validate-jwt>
<rate-limit-by-key calls="300" renewal-period="120" counter-key="@(context.Request.IpAddress)" />
<rate-limit-by-key calls="15" renewal-period="60" counter-key="@(context.Request.Headers.GetValueOrDefault("Authorization","").AsJwt()?.Subject)" />
</inbound>有什么不对的?我只是按照步骤...
1条答案
按热度按时间rqcrx0a61#
一个或多个字段包含不正确的值:
每当您尝试以以下方式保存策略时,您将收到错误信息
在APIM中创建新API后,单击入站策略代码编辑器
单击后,您将获得默认策略模板。将入站策略粘贴到
<inbound></inbound>中,保持其他标签不变。在你的现有政策的几个修改后,我能够保存它。将
<inbound></inbound>保持在<policies></policies>范围内。