简体   繁体   English

为存储在Azure VM中的Web应用添加OAuth

[英]Add OAuth for a web app stored in Azure VM

I have an Azure VM which contains the deployment of an ASP.NET Web Application. 我有一个Azure VM,其中包含ASP.NET Web应用程序的部署。 The way that I deploy the web app is trough Web Deploy and files got copied into the C:\\inetpub\\WebApplication1 after the deployment is done. 部署Web应用程序的方式是通过Web Deploy,部署完成后将文件复制到C:\\ inetpub \\ WebApplication1中

Current Authentication is NLTM , for that, the web.config file looks like this in the authentication section. 当前身份验证为NLTM ,为此, web.config文件在身份验证部分中看起来像这样。

<system.webServer>
  <security xdt:Transform="InsertIfMissing">
    <authentication>
      <windowsAuthentication enabled="true">
        <providers>
          <clear />
          <add value="NTLM" />
          <add value="Negotiate" />
        </providers>
      </windowsAuthentication>
      <anonymousAuthentication enabled="false" />
    </authentication>
  </security>
</system.webServer>

And this is how the Authentication looks on the Azure VM IIS 这就是身份验证在Azure VM IIS上的外观 配置器编辑器

配置器编辑器2

How can I switch into OAuth and use Azure Active Directory as the Authorization mechanism to access to the Web App? 如何切换到OAuth并将Azure Active Directory用作访问Web App的授权机制?

So far, I went into the Azure Active Directory in the Azure Portal and Registered a new Application ( Application Type = Web App / API ) and then set the Home Page with the main page of the Web Application ( http://azureMachineName:60 ) 到目前为止,我进入了Azure 门户中Azure Active Directory ,并注册了一个新应用程序( 应用程序类型= Web App / API ),然后将主页设置为Web应用程序的主页( http:// azureMachineName:60

This registration process generated an Object Id and Application Id. 此注册过程生成一个对象ID和应用程序ID。 At this point I don't really know how to hook this up with my Web App solution. 在这一点上,我真的不知道如何将其与我的Web App解决方案联系起来。

This is how the Startup class looks like 这就是Startup类的样子

public partial class Startup
{
    public void Configuration(IAppBuilder app)
    {

    }
}

And inside of the App_Start, I only have the following clases: 在App_Start内部,我只有以下几个方面:

BundleConfig.cs
IdentityConfig.cs
RouteConfig.cs

Any idea how I can switch into OAuth and use AAD? 知道如何切换到OAuth并使用AAD吗?

Based on my understanding that you want to use AAD instead of original authentication, If it is that case, we could add the following code. 根据我的理解,您要使用AAD代替原始身份验证,如果是这种情况,我们可以添加以下代码。 It is the snippet of the demo code that using the ASP.Net OpenID Connect OWIN middleware. 这是使用ASP.Net OpenID Connect OWIN中间件的演示代码的片段。

 // The Client ID is used by the application to uniquely identify itself to Azure AD.
 // The Metadata Address is used by the application to retrieve the signing keys used by Azure AD.
 // The AAD Instance is the instance of Azure, for example public Azure or Azure China.
 // The Authority is the sign-in URL of the tenant.
 // The Post Logout Redirect Uri is the URL where the user will be redirected after they sign out.
 //
    private static string clientId = ConfigurationManager.AppSettings["ida:ClientId"];
    private static string aadInstance = ConfigurationManager.AppSettings["ida:AADInstance"];
    private static string tenant = ConfigurationManager.AppSettings["ida:Tenant"];
    private static string postLogoutRedirectUri = ConfigurationManager.AppSettings["ida:PostLogoutRedirectUri"];

    string authority = String.Format(CultureInfo.InvariantCulture, aadInstance, tenant);

    public void ConfigureAuth(IAppBuilder app)
    {
        app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);

        app.UseCookieAuthentication(new CookieAuthenticationOptions());

        app.UseOpenIdConnectAuthentication(
            new OpenIdConnectAuthenticationOptions
            {
                ClientId = clientId,
                Authority = authority,
                PostLogoutRedirectUri = postLogoutRedirectUri,
                RedirectUri = postLogoutRedirectUri,
                Notifications = new OpenIdConnectAuthenticationNotifications
                {
                    AuthenticationFailed = context => 
                    {
                        context.HandleResponse();
                        context.Response.Redirect("/Error?message=" + context.Exception.Message);
                        return Task.FromResult(0);
                    }
                }
            });
    }

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 使用OAuth2进行负载测试Azure Web App - Load Testing Azure Web App with OAuth2 Azure Web应用程序与Azure VM上Windows窗体应用程序之间的通信 - Communication between an Azure web application and a windows form app on Azure VM Web部署到Azure VM失败 - Web deployment to Azure VM failed 使用Releae管道将Asp.net核心Web应用程序部署到Azure VM - Deploy Asp.net core web app to azure vm using releae pipeline 找不到Azure应用服务ASP.NET Web API OWIN OAuth路径 - Azure App Service ASP.NET Web API OWIN OAuth path not found 如何通过 api 将自定义域添加到 Azure 静态 Web 应用 - How to add a custom domain to Azure static web app by api ASP.NET Web APP 和 Web API 无限重定向循环中的 Azure AD Open ID Connect OAuth 2.0 - Azure AD Open ID Connect OAuth 2.0 in ASP.NET Web APP and Web API Infinite redirect loop 来自存储在数据库中的电子邮件/密码的 Azure Functions OAuth2? - Azure Functions OAuth2 from email / password stored in database? 在.NET Web应用程序上浏览时,我的网站(在Azure VM Windows 2012服务器上)的URL之一开始显示“此页面无法显示” - One of the URLs on my web site (on Azure VM Windows 2012 server) has started getting “This page can't be displayed” when browsed on my , .NET web app 在Azure Web应用程序中为客户添加自定义域,并自动添加加密证书 - Add custom domain for customer in azure web app and add let's encript certificate automatically
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM