我正在尝试开发一个可以同时支持 Azure AD 身份验证和窗体身份验证的 MVC ASP.NET C# 应用程序。
我读过它并得出以下结论:
我有一个用于表单身份验证的登录表单和一个将我重定向到 Azure AD 登录的按钮。
登录AD后,它会自动将我重定向到 http://localhost/login.aspx?ReturnUrl=%2f.
使用以下代码:
启动.cs
public partial class Startup
{
private static string clientId = ConfigurationManager.AppSettings["ida:ClientId"];
private static string aadInstance = ConfigurationManager.AppSettings["ida:AADInstance"];
private static string tenant = ConfigurationManager.AppSettings["ida:Tenant"];
private static string postLogoutRedirectUri = ConfigurationManager.AppSettings["ida:PostLogoutRedirectUri"];
string authority = String.Format(CultureInfo.InvariantCulture, aadInstance, tenant);
public void ConfigureAuth(IAppBuilder app)
{
app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);
app.UseCookieAuthentication(new CookieAuthenticationOptions());
app.UseOpenIdConnectAuthentication(
new OpenIdConnectAuthenticationOptions
{
ClientId = clientId,
Authority = authority,
PostLogoutRedirectUri = postLogoutRedirectUri,
RedirectUri = postLogoutRedirectUri,
Notifications = new OpenIdConnectAuthenticationNotifications
{
AuthenticationFailed = context =>
{
context.HandleResponse();
context.Response.Redirect("/Error?message=" + context.Exception.Message);
return Task.FromResult(0);
}
}
});
}
}
帐户控制器.cs
public void SignIn()
{
// Send an OpenID Connect sign-in request.
if (!Request.IsAuthenticated)
{
HttpContext.GetOwinContext().Authentication.Challenge(new AuthenticationProperties { RedirectUri = "/" }, OpenIdConnectAuthenticationDefaults.AuthenticationType);
}
}
public void SignOut()
{
// Send an OpenID Connect sign-out request.
HttpContext.GetOwinContext().Authentication.SignOut(
OpenIdConnectAuthenticationDefaults.AuthenticationType, CookieAuthenticationDefaults.AuthenticationType);
}
public void EndSession()
{
// If AAD sends a single sign-out message to the app, end the user's session, but don't redirect to AAD for sign out.
HttpContext.GetOwinContext().Authentication.SignOut(CookieAuthenticationDefaults.AuthenticationType);
}
我的问题是为什么它将我重定向到 http://localhost/login.aspx?ReturnUrl=%2f,因为该应用程序是 MVC 并且我的项目中没有 aspx。
默认情况下,窗体身份验证的登录 URL 是 Login.aspx。您可以在 web.config 中指定 Windows 窗体身份验证的登录 URL:
<authentication mode="Forms">
<forms loginUrl="/account/signin" defaultUrl="/" />
</authentication>
详细信息: 窗体身份验证.登录网址
属性