具有组织帐户身份验证的已发布ASP.NET MVC 5应用重定向到本地主机 [英] Published ASP.NET MVC 5 app with Organizational Account authentication Redirects back to localhost
问题描述
发布使用组织帐户进行身份验证的Web应用程序时出现问题.即,我选择将其发布在azure网站上,使用新的azure SQL数据库作为承租人数据库.我使用单一帐户并指定.onmicrosoft.com域.
逐步:
- 新的ASP.NET应用程序MVC
- 更改身份验证->组织帐户->云-单一组织,域:.onmicrosoft.com,访问级别:单一登录
- Microsoft Azure->云中的主机(已选中),网站
- 在Azure中选择的数据库服务器
- 在IIS Express中调试/运行可以正常工作,它会转到组织"页面进行身份验证,然后浏览回到主页/索引,在导航窗格中显示用户的电子邮件.
- 使用默认(自动生成的)配置文件发布Web会产生一些错误:
6.1.它浏览到http,而不是默认浏览到https
6.2.手动浏览到https://....重定向到onmicrosoft.com进行身份验证,并在身份验证成功完成后,重定向回
https://localhost:xxxxx
在哪里可以为组织帐户配置重定向URL?我已经完成了一些以前的项目的Microsoft帐户身份验证,而且我知道客户端ID和秘密ID绑定到特定的返回URL,但是我不知道在使用组织帐户时应该在哪里寻找应用程序属性.
谢谢.
预拖动.
回答我的问题.以下是一种可行的工作流程:
- 从Visual Studio 2013的Project-> New-> Web-> ASP.NET Web应用程序
- 名称:WebApplication2
-
新的ASP.NET项目– WebApplication2
a.选择一个模板:MVC
b.更改身份验证
i. Organizational Accounts ii. Cloud – Single Organization iii. Domain: <organization_name>.onmicrosoft.com iv. Access Level: Single Sign On
c.好
-
配置Microsoft Azure网站
a.网站名称:WebApplicationXXXXX
b.地区:北欧
c.数据库服务器:现有的数据库服务器
d.数据库用户名:admine.数据库密码:admin_password
f.好
-
使用默认配置文件发布而无需更改任何参数
a.结果将是应用程序中的服务器错误.在地址栏中,它将为
http://webapplicationXXXXX.azurewebsites.net/
-
浏览到https而不是http:
https://webapplicationXXXXX.azurewebsites.net/
a.它将正确重定向到组织帐户.成功通过身份验证后,它将被重定向回
https://localhost:44310/
,这是无法从Azure网站访问的,因此它将失败. -
这次重新发布并进行了一些更正,即发布Web
a. Connection-> DestinationUrl:
https://webapplicationXXXXX.azurewebsites.net/
b.设置->启用组织身份验证(选中)
i. Domain: <organization_name>.onmicrosoft.com ii. Access Level: Single Sign On
c.发布
它可能第一次无法通过身份验证(不知道为什么),但是当手动浏览到https://webapplicationXXXXX.azurewebsites.net/
时,它将按预期的方式工作.
通过跳过上面的步骤5和6,工作流程变得可行.这是否是最佳选择,并根据最佳实践是另一个问题.
I have a problem publishing a web app that uses organizational account for authentication. Namely, I chose to publish it on azure website, using new azure SQL database as tenant db. I use Single account and specify .onmicrosoft.com domain.
Step by step:
- New ASP.NET application, MVC
- Change Authentication -> Organizational Accounts -> Cloud - Single Organization, Domain: .onmicrosoft.com, Access Level: Single Sign On
- Microsoft Azure -> Host in the cloud (checked), Website
- Selected database server in Azure
- Debug/Run in IIS Express works as expected, it goes to Organizational page for authentication and then browse back to Home/Index showing the user's email in the navigation pane.
- Publish Web with default (auto-generated) profile creates couple of errors:
6.1. It browse to http and not to https by default
6.2. Browsing manually to https://.... redirects to onmicrosoft.com for authentication, and after authentication successfully finishes, redirects back to
https://localhost:xxxxx
Where can I configure redirect URL for organizational accounts? I've done for some previous projects Microsoft account authentication, and I know that client id and secret id are bound to a specific return url, but I have no idea where to look for application properties when organizational accounts are used.
Thanks.
Predrag.
To answer my question. Below is one possible workable workflow:
- From Visual Studio 2013, Project->New->Web->ASP.NET Web Application
- Name: WebApplication2
New ASP.NET Project – WebApplication2
a. Select a template: MVC
b. Change Authentication
i. Organizational Accounts ii. Cloud – Single Organization iii. Domain: <organization_name>.onmicrosoft.com iv. Access Level: Single Sign On
c. OK
Configure Microsoft Azure Website
a. Site name: WebApplicationXXXXX
b. Region: North Europe
c. Database server: existing database server
d. Database username: admin
e. Database password: admin_password
f. OK
Publish with the default profile without changing any parameters
a. The result will be Server error in application. In the address bar, it will be
http://webapplicationXXXXX.azurewebsites.net/
Browse to https instead of http:
https://webapplicationXXXXX.azurewebsites.net/
a. It will be redirected to organizational account correctly. After successful authentication, it will be redirected back to
https://localhost:44310/
which is not accessible from Azure website, so it will fail.Launch publishing again with some corrections this time, Publish Web
a. Connection->DestinationUrl:
https://webapplicationXXXXX.azurewebsites.net/
b. Settings->Enable Organizational Authentication (check)
i. Domain: <organization_name>.onmicrosoft.com ii. Access Level: Single Sign On
c. Publish
It might fail to authenticate first time (no idea why), but when manually browsed to https://webapplicationXXXXX.azurewebsites.net/
, it will work as it is supposed to.
By skipping steps 5 and 6 above, the workflow becomes workable. It’s another question if it’s optimal and according to the best practices.
这篇关于具有组织帐户身份验证的已发布ASP.NET MVC 5应用重定向到本地主机的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!