使用 Azure AD 时将用户重定向到自定义登录页面

时间:2022-11-20
本文介绍了使用 Azure AD 时将用户重定向到自定义登录页面的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着跟版网的小编来一起学习吧!

问题描述

我正在使用以下代码示例将 Azure AD 登录插入我的应用程序 (https://github.com/AzureADSamples/WebApp-OpenIDConnect-DotNet).

I'm using the following code example to plug in Azure AD login to my application (https://github.com/AzureADSamples/WebApp-OpenIDConnect-DotNet).

我发现代码工作得很好,但是如果用户尚未登录或他们的会话已过期,我希望能够将用户重定向到自定义登录页面.然而,我正在努力让它发挥作用,并想知道这是否真的可能?

I'm finding that the code works just fine however I want to have to ability to redirect a user to a custom login page if the user hasn't logged in yet or their session has expired. I'm struggling however to get this to work and was wondering if this is indeed possible at all?

用户是否总是被重定向到 Azure AD 的 Microsoft 登录页面而不是您自己的自定义页面,还是我遗漏了某个设置?

Is it by design that the user is always redirected to the Microsoft Login page for Azure AD rather than your own custom page or is there a setting I've missed?

我修改了 FilterConfig.cs 中提供的代码以启用授权过滤器属性:

I've amended the supplied code in FilterConfig.cs to enable the Authorize filter attribute:

filters.Add(new AuthorizeAttribute());

我还在 web.config 中添加了以下内容,但没有效果:

I've also added the following to web.config but to no effect:

<authorization>
<allow users="?" />
</authorization>

Startup.Auth.cs 文件中,我看不到任何可能对 app.UseOpenIdConnectAuthentication 进行的更改,以允许我尽可能设置通用登录页面可能使用基于 cookie 的身份验证.

Within the Startup.Auth.cs file I cannot see any changes that are possible to app.UseOpenIdConnectAuthentication to allow me to set up a generic login page as I may possibly do with cookies based auth.

推荐答案

在重新检查代码后,我找到了问题的解决方案.

After some re going over the code I've found the solution to my issue.

Startup.Auth.cs内:

app.UseCookieAuthentication(new CookieAuthenticationOptions {
   LoginPath = new PathString("/Account/Login")
});

app.UseOpenIdConnectAuthentication(
   new OpenIdConnectAuthenticationOptions {
      ClientId = clientId,
      Authority = authority,
      PostLogoutRedirectUri = postLogoutRedirectUri,
      AuthenticationMode = AuthenticationMode.Passive
});

包含 AuthenticationMode = AuthenticationMode.Passive 行似乎阻止 OpenIdConnectAuth 执行自动 302 重定向到 AAD 登录页面.

It's the inclusion of the AuthenticationMode = AuthenticationMode.Passive line which seems to stop OpenIdConnectAuth from performing the automatic 302 redirect to the AAD login pages.

这篇关于使用 Azure AD 时将用户重定向到自定义登录页面的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持跟版网!

上一篇:WindowsTokenRoleProvider 的性能不佳 下一篇:向 Active Directory 用户添加地址信息

相关文章

最新文章