【发布时间】:2023-03-14 08:58:02
【问题描述】:
我有一个旧的 ASP.NET Web 窗体应用程序。它目前使用带有 Cookie 身份验证和 WSFederation 协议的本地 ADFS。
我们希望将其移至 Azure AD。我想知道是否需要更改 WSFederation 协议,或者它也适用于 Azure AD。另外,是否需要更改Cookie Authentication?
Startup.CS 代码如下:
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
//interactive logon process
AuthenticationMode = Microsoft.Owin.Security.AuthenticationMode.Active,
//name of the authentication type
AuthenticationType = CookieAuthenticationDefaults.AuthenticationType,
//TODO: Enable this to always send and receive cookies in SSL when in production
CookieSecure = CookieSecureOption.Always,
//enable sliding expiration
SlidingExpiration = true,
//Cookie expires in 4 hours
ExpireTimeSpan = TimeSpan.FromTicks(DateTime.Now.AddHours(4).Ticks)
});
app.UseWsFederationAuthentication(new WsFederationAuthenticationOptions
{
MetadataAddress = adfsMetadata,
Wtrealm = realm
});
- 已编辑 *
代码修改如下:
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
//interactive logon process
AuthenticationMode = Microsoft.Owin.Security.AuthenticationMode.Active,
//name of the authentication type
AuthenticationType = CookieAuthenticationDefaults.AuthenticationType,
//Login path should be below
// LoginPath = new PathString("login"),
//TODO: Enable this to always send and receive cookies in SSL when in production
CookieSecure = CookieSecureOption.Always,
//enable sliding expiration
SlidingExpiration = true,
//Cookie expires in 4 hours
ExpireTimeSpan = TimeSpan.FromTicks(DateTime.Now.AddHours(4).Ticks)
});
Microsoft.IdentityModel.Logging.IdentityModelEventSource.ShowPII = true;
app.UseWindowsAzureActiveDirectoryBearerAuthentication(new WindowsAzureActiveDirectoryBearerAuthenticationOptions
{
MetadataAddress = AzureMetaData,
Tenant = Tenant,
Realm = Realm
});
现在抛出错误:
System.ArgumentNullException: '值不能为空。参数名称: allowedAudience'
【问题讨论】:
-
您想知道它是否有效吗?您是否尝试过运行它并查看是否遇到错误?正确测试您的代码是无可替代的。
-
Azure AD 支持 WS-Fed。
-
@mason 代码正在运行。我对代码没有任何问题。我只是想知道相同的代码是否也适用于 Azure AD?
-
您想知道它是否适用于 Azure AD?您是否尝试过运行它并查看是否遇到错误?正确测试您的代码是无可替代的。
-
@mason 我执行了上面发布的更新代码。它抛出错误。我已经提到了。
标签: asp.net azure webforms azure-active-directory adfs