使用密码和 Azure Active Directory 身份验证的 Asp.ne

Asp.net Identity using password and Azure Active Directory authentication(使用密码和 Azure Active Directory 身份验证的 Asp.net Identity)
本文介绍了使用密码和 Azure Active Directory 身份验证的 Asp.net Identity的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我正在使用 Asp.net Identity (OWIN) 构建一个 ASP.NET MVC 5 网站,并希望同时支持传统的用户名/密码身份验证以及针对 Azure Active Directory 的身份验证.此应用不需要针对 Microsoft ID (Live ID)、Facebook、Twitter 或任何其他外部提供商进行身份验证.我发现的最接近的 SO 问题是:如何在 ASP.NET MVC 上同时执行 Azure Active Directory 单点登录和表单身份验证

I'm building an ASP.NET MVC 5 web site using Asp.net Identity (OWIN) and want to support both traditional username/password authentication as well as authentication against Azure Active Directory. This app does not need to authenticate against Microsoft IDs (Live IDs), Facebook, Twitter or any of the other external providers. The closest SO question I found is this one: How to do both Azure Active Directory Single Sign On and Forms Authentications on ASP.NET MVC

我查看了使用 VS 2015 中的个人用户帐户"选项以及工作和学校帐户"选项创建项目时创建的示例.我的身份验证单独运行良好;只有当我尝试将它们结合起来时才会遇到问题.

I've looked at the samples that get created when you create a project using the "Individual User Accounts" option as well as the "Work and School Accounts" option in VS 2015. I have authentication working well individually; it's only when I try to combine them that I'm running into problems.

在我的 Startup_Auth.cs 文件中,我正在像这样配置 OWIN:

In my Startup_Auth.cs file, I am configuring OWIN like this:

    public void ConfigureAuth(IAppBuilder app)
    {

        app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);

        //app.UseCookieAuthentication(new CookieAuthenticationOptions { });

        app.UseCookieAuthentication(new CookieAuthenticationOptions
        {
            AuthenticationType = DefaultAuthenticationTypes.ExternalCookie,
            LoginPath = new PathString("/account/sign-in")
        });

        app.UseOpenIdConnectAuthentication(
            new OpenIdConnectAuthenticationOptions
            {
                ClientId = clientId,
                Authority = authority,
                TokenValidationParameters = new System.IdentityModel.Tokens.TokenValidationParameters
                {
                    ValidateIssuer = false,
                },
                Notifications = new OpenIdConnectAuthenticationNotifications()
                {
                    SecurityTokenValidated = (context) => 
                    {
                        return Task.FromResult(0);
                    },
                    AuthorizationCodeReceived = (context) =>
                    {
                        return Task.FromResult(0);
                    },
                    AuthenticationFailed = (context) =>
                    {
                        context.OwinContext.Response.Redirect("/Home/Error");
                        context.HandleResponse(); // Suppress the exception
                        return Task.FromResult(0);
                    }
                }
            }
        );
    }  

此配置适用于密码身份验证,但不适用于 AAD 身份验证.要启用 AAD 身份验证,我需要注释掉设置 AuthenticationType 的行

This configuration works for password authentication, but doesn't work for AAD authentication. To enable AAD authentication I need to either comment out the line setting the AuthenticationType

AuthenticationType = DefaultAuthenticationTypes.ExternalCookie,

或者,只设置没有值的 CookieAuthentication.

Or, just set CookieAuthentication with no values.

app.UseCookieAuthentication(new CookieAuthenticationOptions { });

我猜想有一个相对简单的方法来解决这个问题,并且会很感激一些关于从哪里开始寻找的想法.

I'd guess that there is a relatively simple approach to this and would appreciate some ideas on where to start looking.

推荐答案

我搜索了微软的例子.所有这些看起来都像您的解决方案.看这里:

I searched examples from Microsoft. And all of them look like your solution. Look here:

  1. WebApp-WSFederation-DotNet
  2. WebApp-MultiTenant-OpenIdConnect-DotNet
  3. WebApp-OpenIDConnect-DotNet

另一个例子是这里 WindowsAzureActiveDirectoryBearerAuthenticationOptions

这篇关于使用密码和 Azure Active Directory 身份验证的 Asp.net Identity的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持编程学习网!

本站部分内容来源互联网,如果有图片或者内容侵犯您的权益请联系我们删除!

相关文档推荐

DispatcherQueue null when trying to update Ui property in ViewModel(尝试更新ViewModel中的Ui属性时DispatcherQueue为空)
Drawing over all windows on multiple monitors(在多个监视器上绘制所有窗口)
Programmatically show the desktop(以编程方式显示桌面)
c# Generic Setlt;Tgt; implementation to access objects by type(按类型访问对象的C#泛型集实现)
InvalidOperationException When using Context Injection in ASP.Net Core(在ASP.NET核心中使用上下文注入时发生InvalidOperationException)
LINQ many-to-many relationship, how to write a correct WHERE clause?(LINQ多对多关系,如何写一个正确的WHERE子句?)