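How to resolve: using Identity Server and Azure Active Directory in Umbraco

I have a project that uses Identity Server 3 for the front end so that users can log in. This works fine.

Now I want to set up Azure Active Directory so that users can log in to the back office.

The problem I am having is:

Logging in to the back office is fine; I can log in and out 10 times without a problem.

But once I log in to the front end using Identity Server (and that login works), if you then try to log in to the back office again using Azure Active Directory, it seems to go to Microsoft and redirect to the correct URL, but all you see is the login screen, and you can then no longer log in using Active Directory.

Here is my startup class, which configures Azure Active Directory and Identity Server.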

    private readonly ISettingsService _settingsService;

    public UmbracoStandardOwinStartup()
    {
        _settingsService = ServiceLocator.Current.GetInstance<ISettingsService>();
    }

    public override void Configuration(IAppBuilder app)
    {
        // Ensure the default options are configured
        base.Configuration(app);

        app.ConfigureBackOfficeAzureActiveDirectoryAuth(
            // The Tenant can also be "YOURDIRECTORYNAME.onmicrosoft.com"
            tenant: ConfigurationManager.AppSettings["azureAd:tenantId"],
            clientId: ConfigurationManager.AppSettings["azureAd:clientId"],
            // The value of this will need to change depending on your current environment
            postLoginRedirectUri: ConfigurationManager.AppSettings["azureAd:redirectUrl"],
            // This is the same as the TenantId
            issuerId: new Guid(ConfigurationManager.AppSettings["azureAd:tenantId"]));
    }

    protected override void ConfigureServices(IAppBuilder app)
    {
        // Error if you don't use this: No Umbraco.Core.Security.IBackOfficeUserManagerMarker has been
        // registered with Owin which means that no Umbraco back office user manager has been registered
        base.ConfigureServices(app);

        // Single method to configure the Identity user manager for use with Umbraco
        app.ConfigureUserManagerForUmbracoMembers<UmbracoApplicationMember>();

        // Single method to configure the Identity role manager for use with Umbraco
        app.ConfigureRoleManagerForUmbracoMembers<UmbracoApplicationRole>();
    }

    protected override void ConfigureMiddleware(IAppBuilder app)
    {
        // Ensure OWIN is configured for Umbraco back office authentication. If you have any front-end OWIN
        // cookie configuration, this must be declared after it.
        app
            .UseUmbracoBackOfficeCookieAuthentication(ApplicationContext, PipelineStage.Authenticate)
            .UseUmbracoBackOfficeExternalCookieAuthentication(ApplicationContext, PipelineStage.Authenticate);

        // Enable the application to use a cookie to store information for the
        // signed in user and to use a cookie to temporarily store information
        // about a user logging in with a third party login provider.
        // Configure the sign in cookie
        app.UseCookieAuthentication(new FrontEndCookieAuthenticationOptions
        {
            Provider = new CookieAuthenticationProvider
            {
                // Enables the application to validate the security stamp when the user
                // logs in. This is a security feature which is used when you
                // change a password or add an external login to your account.
                OnValidateIdentity = SecurityStampValidator
                    .OnValidateIdentity<UmbracoMembersUserManager<UmbracoApplicationMember>, UmbracoApplicationMember, int>(
                        TimeSpan.FromMinutes(_settingsService.AuthCookieTimeoutMinutes()),
                        (manager, user) => user.GenerateUserIdentityAsync(manager),
                        IdentityExtensions.GetUserId<int>)
            },
            CookieName = _settingsService.AuthCookieName(),
            ExpireTimeSpan = TimeSpan.FromMinutes(_settingsService.AuthCookieTimeoutMinutes()),
            SlidingExpiration = true
        }, PipelineStage.Authenticate);

        // Uncomment the following lines to enable logging in with third party login providers
        //app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
        app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);

        System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;

        app.ConfigureIdentityServer();

        // Lastly we need to ensure that the preview Middleware is registered, this must come after
        // all of the authentication middleware:
        app.UseUmbracoPreviewAuthentication(ApplicationContext, PipelineStage.Authorize);
    }