[英]Azure AD SSO: .Net Core 2.1 Single Sign On Based On Organization's Office 365 Username&Password
I have created an ASP.NET Core 2.1 MVC web application and I have used a simple login form to authenticate the users.我创建了一个 ASP.NET Core 2.1 MVC web 应用程序,我使用了一个简单的登录表单来验证用户身份。 Now We have decided to remove the login form and use a single sign-on option with my Organization's Office 365 user credentials or my office's outlook username & password and followed the following Microsoft website but I could not choose the right SSO one.现在我们决定删除登录表单并使用我的组织的 Office 365 用户凭据或我的办公室的 outlook 用户名和密码使用单点登录选项,并遵循以下 Microsoft 网站,但我无法选择正确的 SSO 之一。
This web app is a MVP (minimum viable product) project so we just don't want to use our own authentication & authorization process and only my organization people going to use this app so we have decided to use the Organization's Azure AD SSO.这个 web 应用程序是一个 MVP(最小可行产品)项目,所以我们不想使用我们自己的身份验证和授权过程,只有我的组织人员会使用这个应用程序,所以我们决定使用组织的 Azure AD SSO。 I am not using SAML or WS-Federation protocols in my web app but I just wanted to implement the SSO for my project.我没有在我的 web 应用程序中使用 SAML 或 WS-Federation 协议,但我只想为我的项目实施 SSO。
I searched many sites on the internet, a few websites explained "No code is required to configure SSO but only Azure AD configurations" and some other websites explained with some piece of code also.我在互联网上搜索了很多网站,一些网站解释说“配置 SSO 不需要代码,但只需要 Azure AD 配置”,其他一些网站也用一些代码解释。 So now I am totally confused that how should I achieve the SSO for my simple web application.所以现在我很困惑,我应该如何为我的简单 web 应用程序实现 SSO。
My Startup.cs
code:我的Startup.cs
代码:
public class Startup
{
public Startup(IConfiguration configuration)
{
Configuration = configuration;
}
public IConfiguration Configuration { get; }
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
services.Configure<CookiePolicyOptions>(options =>
{
// This lambda determines whether user consent for non-essential cookies is needed for a given request.
options.CheckConsentNeeded = context => true;
options.MinimumSameSitePolicy = SameSiteMode.None;
});
services.AddSession(options =>
{
options.Cookie.IsEssential = true;
});
services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1);
//Fetching Connection string from APPSETTINGS.JSON
var ConnectionString = Configuration.GetConnectionString("MbkDbConstr");
//Entity Framework
services.AddDbContext<ShardingDbContext>(options => options.UseSqlServer(ConnectionString));
//Automapper Configuration
AutoMapperConfiguration.Configure();
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
else
{
app.UseExceptionHandler("/Home/Error");
app.UseHsts();
}
app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseCookiePolicy();
app.UseSession();
app.UseAuthentication();
app.UseMvc(routes =>
{
routes.MapRoute(
name: "default",
template: "{controller:required}/{action}/{id?}",
defaults: new { controller = "UserAccount", action = "UserLogin" });
});
}
}
Note: I have configured the app.UseAuthentication()
& other functions but authentication part not used inside my projects.注意:我已经配置了app.UseAuthentication()
和其他功能,但我的项目中没有使用身份验证部分。
If you want to Authenticate your users with App Services, refer the document to see how to enable AAD Authentication in app services.如果要使用应用服务对用户进行身份验证,请参阅文档以了解如何在应用服务中启用 AAD 身份验证。
Generally for any web application, you can configure App Registration in Azure AD.一般对于任何 web 应用,都可以在 Azure AD 中配置 App Registration。 You can configure claim attribute as well in order to use SSO feature.您也可以配置声明属性以使用 SSO 功能。 Refer the document for how to configure app registration in Azure AD.请参阅文档了解如何在 Azure AD 中配置应用注册。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.