Azure Active Directory授权

Question

I'm trying to do user authorization though AAD in azure app with own client side. 我正在尝试通过具有自己客户端的azure应用中的AAD进行用户授权。 I have a user named "User" in my AAD with password "pass". 我的AAD中有一个名为“用户”的用户，密码为“ pass”。 When user is trying to connect the app: 当用户尝试连接应用程序时：

            try
            {
                if (false == Utils.DataBaseUtils.CheckLoginCorrect(sceneMessage.Login, sceneMessage.Pwd))
                {
                    WriteToLog("Wrong password");
                    SendError(handler, "Wrong password");
                    return;
                }
            }
            catch (Exception e)
            {
                WriteToLog("Unexpected problem when checking password: "+e.ToString());
                SendError(handler, "Unexpected problem when checking password");
                return;
            }

    //authorization using Azure Active Directory
    public static bool CheckLoginCorrect(string login, string password)
    {
        if (string.IsNullOrEmpty(login) || string.IsNullOrEmpty(password))  //validatecredentials return true if log or pass is empty
            return false;

        using (PrincipalContext adContext = new PrincipalContext(ContextType.Domain, "mydomain156.onmicrosoft.com"))  //represent AD
        {
            return adContext.ValidateCredentials(login, password, ContextOptions.Negotiate);
        }
    }

Where sceneMessage.Login == "User" , sceneMessage.Pwd == "pass" . 其中sceneMessage.Login == "User" ， sceneMessage.Pwd == "pass" 。 Here I'm getting error: 在这里我得到了错误：

System.DirectoryServices.AccountManagement.PrincipalServerDownException: The server could not be contacted. System.DirectoryServices.AccountManagement.PrincipalServerDownException：无法联系服务器。 ---> System.DirectoryServices.Protocols.LdapException: The LDAP server is unavailable. ---> System.DirectoryServices.Protocols.LdapException：LDAP服务器不可用。

Could anybody help, please? 有人可以帮忙吗？

Answer 1

It looks like you're using the AD libraries for traditional on-premise AD. 看起来您正在将AD库用于传统的本地AD。 To program against Azure AD, use the Auzre Authentication Library (AAL). 若要针对Azure AD进行编程，请使用Auzre身份验证库（AAL）。 Note, last week AAL was renamed to Active Directory Authentication Library. 请注意，上周AAL被重命名为Active Directory身份验证库。

http://msdn.microsoft.com/en-us/library/jj573266.aspx http://msdn.microsoft.com/en-us/library/jj573266.aspx

Answer 2

Azure Active Directory Authentication Library (ADAL, formerly AAL) is the correct API to use for authenticating users in Azure Active Directory. Azure Active Directory身份验证库（ADAL，以前为AAL）是用于对Azure Active Directory中的用户进行身份验证的正确API。 Version 1 has been released and you can find more information here: 版本1已发布，您可以在此处找到更多信息：

http://www.cloudidentity.com/blog/2013/09/12/active-directory-authentication-library-adal-v1-for-net-general-availability/ http://www.cloudidentity.com/blog/2013/09/12/active-directory-authentication-library-adal-v1-for-net-general-availability/

Azure Active Directory授权

问题描述

2 个解决方案

解决方案1
1 2013-08-12 15:50:48

解决方案2
0 2013-09-17 17:01:49

Azure Active Directory授权

问题描述

2 个解决方案

解决方案1 1 2013-08-12 15:50:48

解决方案2 0 2013-09-17 17:01:49

解决方案1
1 2013-08-12 15:50:48

解决方案2
0 2013-09-17 17:01:49