具有组织帐户身份验证的已发布ASP.NET MVC 5应用重定向到本地主机 [英] Published ASP.NET MVC 5 app with Organizational Account authentication Redirects back to localhost

问题描述

发布使用组织帐户进行身份验证的Web应用程序时出现问题.即，我选择将其发布在azure网站上，使用新的azure SQL数据库作为承租人数据库.我使用单一帐户并指定.onmicrosoft.com域.

逐步:

1. 新的ASP.NET应用程序MVC
2. 更改身份验证->组织帐户->云-单一组织，域:.onmicrosoft.com，访问级别:单一登录
3. Microsoft Azure->云中的主机(已选中)，网站
4. 在Azure中选择的数据库服务器
5. 在IIS Express中调试/运行可以正常工作，它会转到组织"页面进行身份验证，然后浏览回到主页/索引，在导航窗格中显示用户的电子邮件.
6. 使用默认(自动生成的)配置文件发布Web会产生一些错误: 6.1.它浏览到http，而不是默认浏览到https 6.2.手动浏览到https://....重定向到onmicrosoft.com进行身份验证，并在身份验证成功完成后，重定向回https://localhost:xxxxx

在哪里可以为组织帐户配置重定向URL?我已经完成了一些以前的项目的Microsoft帐户身份验证，而且我知道客户端ID和秘密ID绑定到特定的返回URL，但是我不知道在使用组织帐户时应该在哪里寻找应用程序属性.

谢谢.

预拖动.

解决方案

回答我的问题.以下是一种可行的工作流程:

1. 从Visual Studio 2013的Project-> New-> Web-> ASP.NET Web应用程序
2. 名称:WebApplication2

3. 新的ASP.NET项目– WebApplication2

   a.选择一个模板:MVC

   b.更改身份验证

   i.  Organizational Accounts
   ii. Cloud – Single Organization
   iii.    Domain: <organization_name>.onmicrosoft.com
   iv. Access Level: Single Sign On
   

   c.好

4. 配置Microsoft Azure网站

   a.网站名称:WebApplicationXXXXX

   b.地区:北欧

   c.数据库服务器:现有的数据库服务器

   d.数据库用户名:admin

   e.数据库密码:admin_password

   f.好

5. 使用默认配置文件发布而无需更改任何参数

   a.结果将是应用程序中的服务器错误.在地址栏中，它将为http://webapplicationXXXXX.azurewebsites.net/

6. 浏览到https而不是http:https://webapplicationXXXXX.azurewebsites.net/

   a.它将正确重定向到组织帐户.成功通过身份验证后，它将被重定向回https://localhost:44310/，这是无法从Azure网站访问的，因此它将失败.

7. 这次重新发布并进行了一些更正，即发布Web

   a. Connection-> DestinationUrl:https://webapplicationXXXXX.azurewebsites.net/

   b.设置->启用组织身份验证(选中)

   i.  Domain: <organization_name>.onmicrosoft.com
   
   ii. Access Level: Single Sign On
   

   c.发布

它可能第一次无法通过身份验证(不知道为什么)，但是当手动浏览到https://webapplicationXXXXX.azurewebsites.net/时，它将按预期的方式工作. 通过跳过上面的步骤5和6，工作流程变得可行.这是否是最佳选择，并根据最佳实践是另一个问题.

I have a problem publishing a web app that uses organizational account for authentication. Namely, I chose to publish it on azure website, using new azure SQL database as tenant db. I use Single account and specify .onmicrosoft.com domain.

Step by step:

1. New ASP.NET application, MVC
2. Change Authentication -> Organizational Accounts -> Cloud - Single Organization, Domain: .onmicrosoft.com, Access Level: Single Sign On
3. Microsoft Azure -> Host in the cloud (checked), Website
4. Selected database server in Azure
5. Debug/Run in IIS Express works as expected, it goes to Organizational page for authentication and then browse back to Home/Index showing the user's email in the navigation pane.
6. Publish Web with default (auto-generated) profile creates couple of errors: 6.1. It browse to http and not to https by default 6.2. Browsing manually to https://.... redirects to onmicrosoft.com for authentication, and after authentication successfully finishes, redirects back to https://localhost:xxxxx

Where can I configure redirect URL for organizational accounts? I've done for some previous projects Microsoft account authentication, and I know that client id and secret id are bound to a specific return url, but I have no idea where to look for application properties when organizational accounts are used.

Thanks.

Predrag.

解决方案

To answer my question. Below is one possible workable workflow:

1. From Visual Studio 2013, Project->New->Web->ASP.NET Web Application
2. Name: WebApplication2

3. New ASP.NET Project – WebApplication2

   a. Select a template: MVC

   b. Change Authentication

   i.  Organizational Accounts
   ii. Cloud – Single Organization
   iii.    Domain: <organization_name>.onmicrosoft.com
   iv. Access Level: Single Sign On
   

   c. OK

4. Configure Microsoft Azure Website

   a. Site name: WebApplicationXXXXX

   b. Region: North Europe

   c. Database server: existing database server

   d. Database username: admin

   e. Database password: admin_password

   f. OK

5. Publish with the default profile without changing any parameters

   a. The result will be Server error in application. In the address bar, it will be http://webapplicationXXXXX.azurewebsites.net/

6. Browse to https instead of http: https://webapplicationXXXXX.azurewebsites.net/

   a. It will be redirected to organizational account correctly. After successful authentication, it will be redirected back to https://localhost:44310/ which is not accessible from Azure website, so it will fail.

7. Launch publishing again with some corrections this time, Publish Web

   a. Connection->DestinationUrl: https://webapplicationXXXXX.azurewebsites.net/

   b. Settings->Enable Organizational Authentication (check)

   i.  Domain: <organization_name>.onmicrosoft.com
   
   ii. Access Level: Single Sign On
   

   c. Publish

It might fail to authenticate first time (no idea why), but when manually browsed to https://webapplicationXXXXX.azurewebsites.net/, it will work as it is supposed to. By skipping steps 5 and 6 above, the workflow becomes workable. It’s another question if it’s optimal and according to the best practices.

这篇关于具有组织帐户身份验证的已发布ASP.NET MVC 5应用重定向到本地主机的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！