MVC / SPA认证场景为Azure的AD [英] MVC/SPA Authentication Scenarios for Azure AD
问题描述
这些应用类型和场景,Azure的AD支持:结果
Web浏览器与Web应用程序结果
本地应用程序的Web API 结果
Web应用程序与Web API 结果
守护程序或网页API 服务器应用
These are Application Types and Scenarios that Azure AD supports:
Web Browser to Web Application
Native Application to Web API
Web Application to Web API
Daemon or Server Application to Web API
我有两个问题:
-
我想明白的地方我的方案如下适合。结果
我想我需要使用JWT令牌,似乎对Web API的本机应用程序是最接近的,
但我仍然需要Asp.Net MVC应用程序提供客户端角度MVC资源(HTML模板,控制器和REST服务)
I would like to understand where my scenario below fits.
I think I need to use JWT tokens and it seems that Native Application to Web API is the closest, but I still need Asp.Net MVC application to deliver Client side Angular MVC resources (html templates, controllers and Rest services)
Which Azure Active Directory Code Samples are the closest to my scenario below:
我想创建一个多租户Angularjs(使用Asp.Net MVC 5送到),并与Azure的AD固定休息的Web API 2。我想有租客选择自己的域名,如firstTenant.com,
smt.firstTenant.com或有像firstTenant.MySaaS.com,secondTenant.MySaaS.com子域
或MySaaS.com/firstTenant,MySaaS.com/secondTenant或类似的域名命名方案。
I would like to create a multi-tenant Angularjs (delivered using Asp.Net MVC 5) and Rest Web API 2 secured with Azure AD. I would like to have tenants choose their domain names like firstTenant.com, smt.firstTenant.com or to have subdomains like firstTenant.MySaaS.com, secondTenant.MySaaS.com or MySaaS.com/firstTenant, MySaaS.com/secondTenant or similar domain naming scheme.
我会使用某种IoC容器来定制添加到我的SaaS应用程序或类似对每个租户(GUI和业务逻辑和DB)提供特定的功能。
我会用和Asp.Net MVC应用程序,将度身订制SPA资源(HTML模板,.js文件控制器,.js文件服务,的CSS,图像等),以每个租户并使用一些分区卡玛森从数据库中检索租户和用户的具体内容从REST API控制器调用。
I would use some kind of IoC container to add customization to my SaaS application or similar to deliver specific functionality to each tenant (GUI and business logic and DB). I would use and Asp.Net MVC application that will custom tailor SPA resources (html templates, .js controllers, .js services, .css, images etc) to each tenant and use some partitioning techniquest to retrieve tenant and user specific content from DB called from Rest API controllers.
谢谢,
拉德
推荐答案
我也面临着同样的'我不知道'的问题:)
但据我研究,从SPA aplication到Web API的授权流程。
你仍然需要网络服务器(MVC)项目,该项目将privide重定向到身份提供者(蔚蓝AD)登录页面,在IP回调,您将需要注入baerer令牌角身份验证服务,将发送令牌的API或处理刷新令牌。
I am also facing the same 'i dont know' issue :) But far as i have researched the authorization flow from SPA aplication to the web api. You still need webserver(mvc) project that will privide redirecting to the Identity provider (azure AD) login page and on the IP callback you will need to inject baerer token to Angular auth service that will send token to the api or deal with the refresh token.
所以对我来说我认为,Web应用程序与Web API,方向是正确的节目。
So for me I think that, Web Application to Web API, is the right direction programming.
请评论,如果我错了
目前我们正在调查链接
的http://$c$c.msdn.microsoft.com/windowsazure/MyCompany-demo-applications-eedab900
更新2:
的http://www.cloudidentity.com/blog/2014/04/22/AUTHENTICATION-PROTOCOLS-WEB-UX-AND-WEB-API/
也许这将有助于我们的。
Maybe it will be helpful to us.
这篇关于MVC / SPA认证场景为Azure的AD的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
