使用Azure的活动目录 - 一个应用程序在本地登录,发表时 [英] Using Azure Active Directory - one application to login locally and when published
问题描述
我建设与Azure的Active Directory身份验证MVC应用程序。当我在当地发展,我想能够登录在测试/开发目的。而应用网址像的http://本地主机:43400。这也是恩在AD应用$ C $光盘登录网址和回复Url`。
I'm building an MVC application with Azure Active Directory authentication. When I develop locally I would like to be able to sign-in for testing/development purposes. And the app url is like http://localhost:43400'. This is also encoded in the AD application inSign-On UrlandReply Url`.
当我部署相同的应用服务器,应用程序的URL被改变 - 变得像 myappname.azurewebsites.net ,并使用相同的广告我无法登录应用。我可以管理的最好的是通过登录过程来获得,但随后AD重定向我回本地主机:43400 这是错误的。
When I deploy the same app to the server, the app url is changed - becomes something like myappname.azurewebsites.net and I can't login using the same AD application. The best I could manage is to get through login process, but then AD redirects me back to localhost:43400 which is wrong.
有在 Startup.Auth.cs 我给到应用程序 PostLogoutRedirectUri 属性,但它并没有差异的。
There is PostLogoutRedirectUri property in Startup.Auth.cs that I give to the app, but it makes no difference at all.
任何方式都使用相同的Azure AD本地应用和部署的应用程序?
我可以做2不同的URL和钥匙AD Applicaitons并重写对部署的web.config 的值。但是,这听起来并不像最好的解决方案。什么我可以做什么?
I can do 2 AD Applicaitons with different urls and keys and rewrite the values in web.config on deploy. But that does not sound like the best solution. Anything else I can do?
UPD
下面是我指的是在 Startup.Auth.cs 位:
app.UseOpenIdConnectAuthentication(
new OpenIdConnectAuthenticationOptions
{
ClientId = clientId,
Authority = Authority,
PostLogoutRedirectUri = postLogoutRedirectUri, // <-- this is coming from web.config, different in dev and prod
Notifications = new OpenIdConnectAuthenticationNotifications()
{
.....
}
});
查看全部code这里上市。
See full code listing here.
和天青AD应用我想这两个地址为在同一时间评论网址:
![](\"http://i.stack.imgur.com/Ua47X.png\")
And in Azure AD application I tried both addresses as a Reply URL at the same time:
但是在AD仅即使客户端指定的相匹配的记录中的一个重定向使用的地址中的一个重新导向,
But the AD used only one of the addresses to redirect, even though the client specified the redirection that matches one of the records.
推荐答案
您可以添加多个重定向URI到您的应用程序,这就是为什么该属性作为一个列表来实现!你只需要确保你指定的URI在运行时使用。你可以做,在许多方面 - 你可以指定在初始化中间件时返回URI,也可以添加动态code,将在信息符号注入重定向URI。对于后一种方法的一个例子,请参见RedirectToIdentityProvider在<一href=\"https://github.com/AzureADSamples/WebApp-MultiTenant-OpenIdConnect-DotNet/blob/master/TodoListWebApp/App_Start/Startup.Auth.cs\">https://github.com/AzureADSamples/WebApp-MultiTenant-OpenIdConnect-DotNet/blob/master/TodoListWebApp/App_Start/Startup.Auth.cs
You can add multiple redirect uri to your app, that's why the property is implemented as a list! You just need to make sure that you specify which URI to use at runtime. You can do that in many ways - you can specify the return URI at middleware init time, or you can add dynamic code that will inject a redirect URI in the sign in message. For an example of the latter approach, please see RedirectToIdentityProvider in https://github.com/AzureADSamples/WebApp-MultiTenant-OpenIdConnect-DotNet/blob/master/TodoListWebApp/App_Start/Startup.Auth.cs
这篇关于使用Azure的活动目录 - 一个应用程序在本地登录,发表时的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
