Authorization Rules in Azure App Service is not working

Question

I followed instructions on this blog post trying to enable anonymous access for the home page and redirect to Google if accessing /Admin page using this authorization.json.

{
  "routes": [
    {
      "path_prefix": "/",
      "policies": { "unauthenticated_action": "AllowAnonymous" }
    },
    {
      "path_prefix": "/Admin",
      "policies": { "unauthenticated_action": "RedirectToLoginPage" }
    }
  ]
}

When I access the home page @ http://mysite.azurewebsites.net/ it always navigates me to login page. And after I login then post redirection I am getting following errors inside log streaming.

2016-12-02T04:30:44  PID[11016] Verbose     [Routes(Preview)] Attempting to load configuration from 'D:\home\site\wwwroot\authorization.json'.
2016-12-02T04:30:44  PID[11016] Critical    System.Runtime.Serialization.SerializationException: There was an error deserializing the object of type Microsoft.Azure.AppService.Routes.RoutesConfig. Encountered unexpected character 'ï'. ---> System.Xml.XmlException: Encountered unexpected character 'ï'.
   at System.Xml.XmlExceptionHelper.ThrowXmlException(XmlDictionaryReader reader, XmlException exception)
   at System.Runtime.Serialization.Json.XmlJsonReader.ReadAttributes()
   at System.Runtime.Serialization.Json.XmlJsonReader.ReadNonExistentElementName(StringHandleConstStringType elementName)
   at System.Runtime.Serialization.Json.XmlJsonReader.Read()
   at System.Xml.XmlBaseReader.IsStartElement()
   at System.Xml.XmlBaseReader.IsStartElement(XmlDictionaryString localName, XmlDictionaryString namespaceUri)
   at System.Runtime.Serialization.XmlReaderDelegator.IsStartElement(XmlDictionaryString localname, XmlDictionaryString ns)
   at System.Runtime.Serialization.XmlObjectSerializer.IsRootElement(XmlReaderDelegator reader, DataContract contract, XmlDictionaryString name, XmlDictionaryString ns)
   at System.Runtime.Serialization.Json.DataContractJsonSerializer.InternalIsStartObject(XmlReaderDelegator reader)
   at System.Runtime.Serialization.Json.DataContractJsonSerializer.InternalReadObject(XmlReaderDelegator xmlReader, Boolean verifyObjectName)
   at System.Runtime.Serialization.XmlObjectSerializer.InternalReadObject(XmlReaderDelegator reader, Boolean verifyObjectName, DataContractResolver dataContractResolver)
   at System.Runtime.Serialization.XmlObjectSerializer.ReadObjectHandleExceptions(XmlReaderDelegator reader, Boolean verifyObjectName, DataContractResolver dataContractResolver)
   --- End of inner exception stack trace ---
   at System.Runtime.Serialization.XmlObjectSerializer.ReadObjectHandleExceptions(XmlReaderDelegator reader, Boolean verifyObjectName, DataContractResolver dataContractResolver)
   at System.Runtime.Serialization.Json.DataContractJsonSerializer.ReadObject(XmlDictionaryReader reader)
   at System.Runtime.Serialization.Json.DataContractJsonSerializer.ReadObject(Stream stream)
   at Microsoft.Azure.AppService.Authentication.ModuleUtils.DecodeJson[T](Stream jsonStream)
   at Microsoft.Azure.AppService.Routes.RoutesConfig.TryLoadFromFile(String configFilePath, Func`2 deserializer, RoutesConfig& config)
   at Microsoft.Azure.AppService.Routes.RoutesConfig.TryLoadFromJsonFile(String configFilePath, RoutesConfig& config)
   at Microsoft.Azure.AppService.Routes.RoutesModule.TryLoadRoutesConfig(HttpContextBase context)
   at Microsoft.Azure.AppService.Routes.RoutesModule.<OnPostAuthenticateRequestAsync>d__4.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at Microsoft.Azure.AppService.Authentication.HttpModuleDispatcher.<DispatchAsync>d__13.MoveNext()
2016-12-02T04:30:44  PID[11016] Information Sending response: 500.79 Internal Server Error

Additional details. 1. Re-started the site after publishing from visual studio as mentioned. 2. Those /Admin path I have inside AdminController. 3. The authorization.json is at the root of the site. If I navigate to PS D:\home\site\wwwroot> I am able to see the authorization.json file.

I don't know what I am getting wrong regarding the syntax of the file.

Answer 1

According to your description, I followed URL Authorization Rules and created the authorization.json in my Visual Studio. I could make it work as expected on my Azure Web App.

https://bruce-chen-001.azurewebsites.net/

https://bruce-chen-001.azurewebsites.net/admin/admin.html

I assumed that there be something wrong with your authorization.json file. I found a similar issue about Encountered unexpected character ‘ï’ error serializing JSON, you could refer to it.

Updated

Here is my authorization.json file:

Please make sure you have chosen Allow Anonymous requests (no action) under the “Action to take when request is not authenticated” in the Authentication/Authorization blade of your App Service on Azure Portal.