使用Azure AD时将用户重定向到自定义登录页面 [英] Redirect user to custom login page when using Azure AD

问题描述

我正在使用以下代码示例将Azure AD登录插入我的应用程序中( https: //github.com/AzureADSamples/WebApp-OpenIDConnect-DotNet ).

I'm using the following code example to plug in Azure AD login to my application (https://github.com/AzureADSamples/WebApp-OpenIDConnect-DotNet).

我发现代码可以正常工作，但是如果用户尚未登录或会话已过期，我希望能够将用户重定向到自定义登录页面.但是，我正在努力使它起作用，并想知道这是否真的可能吗?

I'm finding that the code works just fine however I want to have to ability to redirect a user to a custom login page if the user hasn't logged in yet or their session has expired. I'm struggling however to get this to work and was wondering if this is indeed possible at all?

是否是设计使用户始终重定向到Azure AD的Microsoft登录页面，而不是您自己的自定义页面?还是我错过了设置?

Is it by design that the user is always redirected to the Microsoft Login page for Azure AD rather than your own custom page or is there a setting I've missed?

我已经修改了FilterConfig.cs中提供的代码，以启用Authorize过滤器属性:

I've amended the supplied code in FilterConfig.cs to enable the Authorize filter attribute:

filters.Add(new AuthorizeAttribute());

我还向web.config添加了以下内容，但没有效果:

I've also added the following to web.config but to no effect:

<authorization>
<allow users="?" />
</authorization>

在Startup.Auth.cs文件中，我看不到对app.UseOpenIdConnectAuthentication可能进行的任何更改，以允许我像使用基于cookie的身份验证一样设置通用的登录页面.

Within the Startup.Auth.cs file I cannot see any changes that are possible to app.UseOpenIdConnectAuthentication to allow me to set up a generic login page as I may possibly do with cookies based auth.

推荐答案

仔细研究代码后，我找到了解决问题的方法.

After some re going over the code I've found the solution to my issue.

在Startup.Auth.cs内:

app.UseCookieAuthentication(new CookieAuthenticationOptions {
   LoginPath = new PathString("/Account/Login")
});

app.UseOpenIdConnectAuthentication(
   new OpenIdConnectAuthenticationOptions {
      ClientId = clientId,
      Authority = authority,
      PostLogoutRedirectUri = postLogoutRedirectUri,
      AuthenticationMode = AuthenticationMode.Passive
});

其中包含AuthenticationMode = AuthenticationMode.Passive行，这似乎阻止了OpenIdConnectAuth执行自动302重定向到AAD登录页面的操作.

It's the inclusion of the AuthenticationMode = AuthenticationMode.Passive line which seems to stop OpenIdConnectAuth from performing the automatic 302 redirect to the AAD login pages.

这篇关于使用Azure AD时将用户重定向到自定义登录页面的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！