当用户的广告身份验证失败时,如何导航到自定义访问被拒绝页面(.net 3.1 core with OpenIDConnect Azure广告身份验证)
我有一个.Net core 3.1 web应用程序,在该应用程序中,我通过在Azure中设置应用程序服务注册以及分配的用户来实现广告认证。现在,当未经授权的用户尝试访问该应用程序时,AD身份验证失败并转到OPENIDConnect异常页面。但我所需要的只是将用户导航到我的应用程序中的自定义页面AccessDenied页面 应为:当用户未通过身份验证时。他应该被导航到/Home/access页面 实际值: 例外页面: Startup.cs当用户的广告身份验证失败时,如何导航到自定义访问被拒绝页面(.net 3.1 core with OpenIDConnect Azure广告身份验证),azure,asp.net-core,azure-active-directory,openid-connect,Azure,Asp.net Core,Azure Active Directory,Openid Connect,我有一个.Net core 3.1 web应用程序,在该应用程序中,我通过在Azure中设置应用程序服务注册以及分配的用户来实现广告认证。现在,当未经授权的用户尝试访问该应用程序时,AD身份验证失败并转到OPENIDConnect异常页面。但我所需要的只是将用户导航到我的应用程序中的自定义页面AccessDenied页面 应为:当用户未通过身份验证时。他应该被导航到/Home/access页面 实际值: 例外页面: Startup.cs public void ConfigureSer
public void ConfigureServices(IServiceCollection services)
{
services.Configure<CookiePolicyOptions>(options =>
{
// This lambda determines whether user consent for non-essential cookies is needed for a given request.
options.CheckConsentNeeded = context => true;
options.MinimumSameSitePolicy = SameSiteMode.None;
});
services.AddAuthentication(AzureADDefaults.AuthenticationScheme)
.AddAzureAD(options => Configuration.Bind("AzureAd", options));
services.Configure<OpenIdConnectOptions>(AzureADDefaults.OpenIdScheme, options =>
{
options.Authority = options.Authority + "/v2.0/";
options.TokenValidationParameters.ValidateIssuer = false;
//options.AccessDeniedPath = new PathString("/Home/AccessDenied");
options.ResponseType = "id_token code";
options.Events.OnAuthenticationFailed = context =>
{
context.Response.Redirect("/Home/AccessDenied");
context.HandleResponse();
return Task.FromResult(0);
};
});
services.AddControllersWithViews();
services.AddHttpClient();
services.AddSession();
//services.Configure<CookieTempDataProviderOptions>(options =>
//{
// options.Cookie.IsEssential = true;
//});
services.AddMvc(options =>
{
var policy = new AuthorizationPolicyBuilder()
.RequireAuthenticatedUser()
.Build();
options.Filters.Add(new AuthorizeFilter(policy));
});
services.AddLogging();
services.AddProgressiveWebApp();
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IWebHostEnvironment env, ILoggerFactory loggerFactory)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
else
{
app.UseExceptionHandler("/Home/Error");
// The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
app.UseHsts();
}
app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseCookiePolicy();
app.UseRouting();
app.UseAuthentication();
app.UseAuthorization();
app.UseSession();
app.UseEndpoints(endpoints =>
{
endpoints.MapRazorPages();
endpoints.MapControllers();
endpoints.MapControllerRoute(
name: "default",
pattern: "{controller=Home}/{action=Index}/{id?}");
});
}
},
HomeController.cs
[AllowAnonymous]
public IActionResult AccessDenied()
{
return View();
}
在
Startups.cs
中指定CookieAuthenticationOptions上的路径将起作用。请使用下面的代码并在PathString中定义您的路径
services.Configure<CookieAuthenticationOptions>(CookieAuthenticationDefaults.AuthenticationScheme, options => {
options.AccessDeniedPath = new PathString("/Home/CustomAccessDenied");
});
services.Configure(CookieAuthenticationDefaults.AuthenticationScheme,选项=>{
options.AccessDeniedPath=新路径字符串(“/Home/CustomAccessDenied”);
});
services.Configure<CookieAuthenticationOptions>(CookieAuthenticationDefaults.AuthenticationScheme, options => {
options.AccessDeniedPath = new PathString("/Home/CustomAccessDenied");
});