Authenticate against Azure AD - ColdFusion Web Application
Question
I'm developing a web application which will require users to login before they can use the app. I've looked into using the Azure Active Directory as the resource which I will authenticate against, however I'm having trouble understanding how to set things up.
I've logged into the Azure Portal and have created my Active Directory. I've also added my custom Web App to the Applications area, and provided the App Login URL and APP ID URI. Now I have been given my Client ID and Federation Metadata Document Url, but I have no idea where to go from here.
Could someone provide an example of how I take the username and password which they enter in my login form and submit that to Azure, receiving back a result which would indicate success or failure? Or is that not how it works?
Any help is greatly appreciated. I don't need any other information from the Active Directory other than confirmation that YES, the username and password matches and let them in.
The web application is coded in ColdFusion as per the client's request, and it is hosted on their server.
Thank you!!!
UPDATE
Using the directions found here https://msdn.microsoft.com/en-us/library/azure/dn645542.aspx I have been able to successfully request an authorization code by logging in using an Active Directory account. After I log in, the system redirects me back to my web application, and has a long url code variable, along with a url session_state variable. My question now is, what do I do with this information from my web app?
1 answers
solution1
1 ACCPTED 2016-01-28 19:08:41
Using the directions found here https://msdn.microsoft.com/en-us/library/azure/dn645542.aspx I have been able to successfully request an authorization code by logging in using an Active Directory account. After I log in, the system redirects me back to my web application, and has a long url code variable, along with a url session_state variable. My question now is, what do I do with this information from my web app?
If you look at the picture in the link you mentioned, there are 6 steps.
What you have done so far is performed step 1 and 2. Now you would need to perform step 3 and 4 ie get an access token using the auth code you have received.
Please see the section titled Use the Authorization Code to Request an Access Token in the same link regarding how to do it.
As part of Step 4, you will get an access token back. It is essentially a JWT token. Not sure how you would do that in Cold Fusion, but you can simply decrypt/parse (for the lack of better words :)) this token to get information about the user.
Given that you only want to find out if the user is authenticated successfully, I believe if you have received the code you're good. You don't have to do anything more.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.