带有 Azure AD 的 IdentityServer 4 作为外部提供者托管在 Kube.netes pod 中
[英]IdentityServer 4 with Azure AD as external provider hosted in Kubernetes pod
问题描述
I have created a custom Identity Service that mainly uses Identity Server 4 with Azure AD as an external provider.
我创建了一个自定义身份服务,主要使用 Identity Server 4 和 Azure AD 作为外部提供者。 I have configured azure ad, having all the required ids & secrets and locally was able to authenticate any registered user in Azure.我已经配置了 azure 广告,拥有所有必需的 ID 和机密,并且能够在本地对 Azure 中的任何注册用户进行身份验证。
The problem appears when we deployed that service into Kube.netes.当我们将该服务部署到 Kube.netes 时,问题就出现了。
I have added a public URL like https://myidentitydomain.com/signin-oidc .我添加了一个公共 URL,例如https://myidentitydomain.com/signin-oidc 。 In a pod, we have a different domain of identity service than public one (be-identity-service), but it is how it works in Kube.netes.在 pod 中,我们有一个不同于公共域的身份服务域 (be-identity-service),但这就是它在 Kube.netes 中的工作方式。 Not sure that its the issue connected to reply URL failure.不确定它的问题与回复 URL 失败有关。 But also my identity service has to be hosted in private.network in Azure.而且我的身份服务必须托管在 Azure 的 private.network 中。
Really appreciate for any given advice.非常感谢任何给定的建议。
1 个解决方案
解决方案1
1 2020-09-01 07:16:45
When you click on the sign-in button to authenticate with IdentityServer, do look at the URL to see what returnurl was actually sent to it and add it to the client definition.当您单击登录按钮以使用 IdentityServer 进行身份验证时,请查看URL以查看实际发送给它的 returnurl 并将其添加到客户端定义中。
For example:例如:
https://demo.identityserver.io/Account/Login?ReturnUrl=%2Fdiagnostics
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.