Azure AD 身份验证重定向访问拒绝静态页面(.Net Core + Vue) [英] Azure AD Authentication redirect access denied to static page (.Net Core + Vue)
本文介绍了Azure AD 身份验证重定向访问拒绝静态页面(.Net Core + Vue)的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
当登录的用户无法访问应用程序时,我无法在 Web 应用程序(.Net Core 和 Vue.js)上设置身份验证以重定向到静态页面.
I have trouble to setup Authentication on the web application (.Net Core and Vue.js) to redirect to the static page when the logged user has no access to the application.
appsettings.json:
appsettings.json:
"AzureAd": {
"Instance": "https://login.microsoftonline.com/",
"Domain": "xxx.onmicrosoft.com",
"TenantId": "xxx-c519-4651-b8c4-xxx",
"ClientId": "xxx-a3f5-4e77-9427-xxx",
"CallbackPath": "/signin-oidc"
},
Startup.cs/ConfigureServices
Startup.cs/ConfigureServices
// cookie policy
services.Configure<CookiePolicyOptions>(options =>
{
// This lambda determines whether user consent for non-essential cookies is needed for a given request.
options.CheckConsentNeeded = context => true;
options.MinimumSameSitePolicy = SameSiteMode.None;
});
// azure AD auth
if (applicationFeatures.SsoAuthenticationEnabled ?? false)
{
// adding authentication with Azure Ad
services.AddAuthentication(AzureADDefaults.AuthenticationScheme)
.AddAzureAD(options => Configuration.Bind("AzureAd", options));
services.Configure<CookieAuthenticationOptions>(
AzureADDefaults.CookieScheme,
options => options.AccessDeniedPath = "/home/AccessDenied");
// enable cross-origin requests from microsoft login plaftorm
services.AddCors(options =>
{
var azureADOptions = Configuration.GetSection("AzureAd").Get<AzureADOptions>();
options.AddPolicy("CorsPolicy",
builder => builder.WithOrigins(azureADOptions.Instance)
.AllowAnyMethod()
.AllowAnyHeader()
.AllowCredentials());
});
}
// add controllers and vue.js project root
services.AddControllers().AddNewtonsoftJson();
services.AddSpaStaticFiles(configuration =>
{
configuration.RootPath = applicationFeatures.StaticFilesDirectory;
});
Startup.cs/配置
Startup.cs/Configure
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
app.UseRouting();
app.UseAuthentication();
app.UseAuthorization();
app.UseSpaStaticFiles();
app.UseStaticFiles();
app.UseCookiePolicy();
app.UseCors("CorsPolicy");
app.UseMiddleware<AuthorizationMiddleware>();
app.UseEndpoints(endpoints =>
{
endpoints.MapControllers();
});
app.UseSpa(spa =>
{
if (env.IsDevelopment())
spa.Options.SourcePath = "ClientApp";
else
spa.Options.SourcePath = "dist";
if (env.IsDevelopment())
{
spa.UseVueCli(npmScript: "serve");
}
});
当我以未分配给 Azure 中已注册应用程序的用户身份登录时,我看到此错误
And when I logged in as a user, which is not assigned to the registered app in Azure, I see this error
推荐答案
解决方案
- 通过导航到企业应用程序下的属性并保存,将需要分配用户"更改为否".
- 转到应用注册门户并授予管理员同意.
这篇关于Azure AD 身份验证重定向访问拒绝静态页面(.Net Core + Vue)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文