我有一个 ASP.NET 4.5.1 MVC/WebAPI 项目。它使用 SSO 针对 Microsoft 进行身份验证。成功登录 Microsoft 后,我的 HomeController 上仍然有 Request.IsAuthenticated。我注册到网络配置文件的网址是http://本地主机:58686/ http://localhost:58686/
现在,我有一个仅 MVC 的示例应用程序,该应用程序在登录后成功进行身份验证。我对代码进行了两次、三次检查,我的 mvc/Web Api 项目使用相同的startup.cs、相同的 Web 配置结构以及对 azure ad 门户的相同注册。但在这个特定的项目中,登录微软后,request.isauthentciated 始终为 false。但是,我从 SecurityTokenValidated 的上下文参数中获得了所有正确的声明。您知道为什么会发生这种情况吗?因为我将项目设置为MVC/WebAPI?
家庭控制器:
public ActionResult Index()
{
//var y = HttpContext.User.Identity.IsAuthenticated;
if (!Request.IsAuthenticated)
{
HttpContext.GetOwinContext().Authentication.Challenge(
new AuthenticationProperties { RedirectUri = System.Configuration.ConfigurationManager.AppSettings["redirectUrl"] },
OpenIdConnectAuthenticationDefaults.AuthenticationType);
}
启动.cs
public void Configuration(IAppBuilder app)
{
app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);
app.UseOpenIdConnectAuthentication(
new OpenIdConnectAuthenticationOptions
{
ClientId = clientId,
Authority = authority,
RedirectUri = redirectUrl,
PostLogoutRedirectUri = redirectUrl,
Scope = OpenIdConnectScopes.OpenIdProfile,
ResponseType = OpenIdConnectResponseTypes.IdToken,
TokenValidationParameters = new System.IdentityModel.Tokens.TokenValidationParameters() { ValidateIssuer = false },
Notifications = new OpenIdConnectAuthenticationNotifications
{
AuthenticationFailed = OnAuthenticationFailed,
RedirectToIdentityProvider = (context) =>
{
string appBaseUrl = context.Request.Scheme + "://" + context.Request.Host + context.Request.PathBase;
context.ProtocolMessage.RedirectUri = appBaseUrl + "/";
context.ProtocolMessage.PostLogoutRedirectUri = appBaseUrl;
return Task.FromResult(0);
},
SecurityTokenValidated = (context) =>
{
var identity = context.AuthenticationTicket.Identity;
return Task.FromResult(0);
}
}
}
);
谢谢您和亲切的问候!