ASP.Net Azure Web应用程序身份验证重定向到域而不是本地主机 [英] ASP.Net Azure Web Application authentication redirecting to domain instead of localhost

问题描述

我有两个Azure托管的Web应用程序.第一个似乎正常工作-在本地主机上运行该应用程序进行测试和开发时，通过身份验证后，它会重定向回本地主机，并且该应用程序可以正常运行.发布后，它会重定向到域，并且也可以正常工作.

I have two Azure hosted web applications. The first one seems to work correctly - when running the app on localhost for testing and development, upon authentication, it redirects back to localhost and the app works fine. When published, it instead redirects to the domain and works just fine too.

我已经以完全相同的方式设置了另一个Web应用程序-web.config似乎相同，并且该应用程序在Azure上的配置也相同.当运行发布服务器时，它可以正常工作，但是在localhosst上，它希望在身份验证后重定向到域，然后域重新进行身份验证，最后登录到域-而不是本地主机版本.

I have setup a second webapp in the exact same way - the web.config seems to be the same and the application is configured the same on Azure. When running published, it works fine, but on localhosst, it wants to redirect upon authentication to the domain, which then reauthenticates again and finally logs in to the domain - not the localhost version.

我已经仔细检查了所有设置，看不到任何差异.更奇怪的是，第一个Web应用程序似乎是在Azure上配置的，只有一个域的回复URL.在任何地方都没有对localhost的引用，因此它必须在应用程序内完成.

I have scoured all the settings and cannot see any differences. More bizarrely, the 1st web app seems to be configured on Azure to only have one reply URL of the domain; there is no reference to localhost anywhere so it must be doing this from within the app.

如何获得两个版本"?在使用Azure的Web应用程序中?

How can I achieve the two "versions" in a webapp with Azure?

推荐答案

对于我所想的事情，你所说的话对我来说没有太大意义.但是无论如何，如果您想要一个localhost和已发布的版本都可以使用相同的应用程序注册，则通常只需设置多个答复URL.然后在应用程序配置中(例如，来自应用程序的身份验证请求)，您通常会告诉它要在验证后将应用发送回的重定向/回复网址.

What you are saying doesn't make too much sense to me with what is supposed to happen. But anyway, if you want a localhost and published version both working with the same app registration, you would normally just set up multiple reply urls. then in the app configuration, eg the authentication request from the app, you generally will tell it what redirect/reply url you want the app to send back to after auth.

最终在生成的用于登录的uri中，将存在一个redirect_uri参数，您将与请求一起发送，以请求特定的回复URL.设置方式取决于您的身份验证方式，msal，库等.有关某些示例，请参见此处 https://docs.microsoft.com/zh-cn/azure/active-directory/develop/scenario-web-app.net核心中的-sign-user-app-configuration?tabs = aspnet ，该库会自动确定url的前部，因此您只需在callbackpath参数中为它提供重定向url的相对路径，就可以做到这一点允许您对localhost和发布使用相同的代码.但是在asp.net示例中，您必须提供完整的redirect_url，这可能意味着您需要对其进行更改，或者需要为本地与发布使用不同的配置文件.

Ultimately in the uri generated to log in there will be a redirect_uri param that you will send with the request asking for a specific reply url. how you set it depends on how you are authenticating, msal, library etc. see here for some examples https://docs.microsoft.com/en-us/azure/active-directory/develop/scenario-web-app-sign-user-app-configuration?tabs=aspnet in .net core, the library auto determines the front part of url so you just give it the relative path of redirect url in the callbackpath parameter, doing it this way allows you to use the same code for both localhost and published. But in asp.net example you have to provide the entire redirect_url, which probably means you need to change it or have a different config file for local vs published.

这篇关于ASP.Net Azure Web应用程序身份验证重定向到域而不是本地主机的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！