久久久久久久av_日韩在线中文_看一级毛片视频_日本精品二区_成人深夜福利视频_武道仙尊动漫在线观看

asp.net mvc 和 azure 基于活動目錄安全組的授權(quán)

asp.net mvc and azure active directory security group based authorization(asp.net mvc 和 azure 基于活動目錄安全組的授權(quán))
本文介紹了asp.net mvc 和 azure 基于活動目錄安全組的授權(quán)的處理方法,對大家解決問題具有一定的參考價值,需要的朋友們下面隨著小編來一起學(xué)習(xí)吧!

問題描述

限時送ChatGPT賬號..

我正在尋找 ASP.NET MVC 應(yīng)用程序的幫助.它對單租戶 Azure Active Directory 用戶進(jìn)行身份驗(yàn)證,并可以使用 Active Directory 安全組授權(quán)用戶.即,如果用戶是該安全組的一部分,則只允許訪問網(wǎng)站,否則訪問被拒絕.

Visual Studio 本身可以使用向?qū)瓿?Active Directory 身份驗(yàn)證,但不確定如何通過 AAD 安全組執(zhí)行授權(quán).

附:我是 ASP.NET 安全新手

解決方案

當(dāng)用戶登錄應(yīng)用程序時,來自 Azure AD 的傳入令牌將包含 組聲明,一旦你適當(dāng)?shù)匦薷牧藨?yīng)用程序的清單 (有關(guān)步驟,請參閱下面的示例應(yīng)用程序鏈接).然后,您的應(yīng)用程序代碼可以讀取這些聲明并根據(jù)它們做出授權(quán)決策.

這是一個基于組聲明進(jìn)行授權(quán)的示例應(yīng)用程序 -

實(shí)施授權(quán)邏輯時要考慮的其他信息

  1. 您已經(jīng)特別詢問了有關(guān)組的問題,但您還應(yīng)該考慮使用應(yīng)用程序角色,它可以幫助您實(shí)現(xiàn)基于角色的授權(quán)邏輯.查看 Microsoft 文檔鏈接

    I am looking help for ASP.NET MVC application. Which authenticate single tenant azure active directory users and can authorize users using active directory security group. i.e. if user is part of that security group then only allow access to website otherwise access denied.

    Active directory authentication can be done by visual studio itself using wizard but not sure how to perform authorization through AAD security group.

    P.S. I am new to ASP.NET security

    解決方案

    When a user signs into the application, incoming token from Azure AD will contain group claims, once you modify the application's manifest appropriately (see the sample application link below for steps). Your application code can then read these claims and make authorization decisions based on them.

    Here is a sample application that does authorization based on group claims -

    Authorization in a web app using Azure AD groups & group claims

    Group claims

    ADDITIONAL INFORMATION TO CONSIDER WHEN IMPLEMENTING AUTHORIZATION LOGIC

    1. You have specifically asked about Groups, but you should also consider using Application Roles, which can help you implement a Role based authorization logic. Look at Microsoft documentation link Application Roles. Here is a link to another similar question where I have provided a little more detailed information on both Application Roles and Groups and links to sample code for both. Azure Active Directory Integration with Custom RBAC

      Once you understand the usage/purpose of application roles and groups, it's completely possible for you to decide that you want to base your authorization logic on a combination of Roles and Groups information for the signed in user instead of just one.

    2. In case when a user is part of many groups (6 or more AFAIK), Azure AD token doesn't send across the "groups" directly as part of token, instead it sends an overage indicator and then you can query the groups in a separate call. Take a look at the token related documentation here - Claims in id_tokens

    這篇關(guān)于asp.net mvc 和 azure 基于活動目錄安全組的授權(quán)的文章就介紹到這了,希望我們推薦的答案對大家有所幫助,也希望大家多多支持html5模板網(wǎng)!

    【網(wǎng)站聲明】本站部分內(nèi)容來源于互聯(lián)網(wǎng),旨在幫助大家更快的解決問題,如果有圖片或者內(nèi)容侵犯了您的權(quán)益,請聯(lián)系我們刪除處理,感謝您的支持!

相關(guān)文檔推薦

ASP.NET Core authenticating with Azure Active Directory and persisting custom Claims across requests(ASP.NET Core 使用 Azure Active Directory 進(jìn)行身份驗(yàn)證并跨請求保留自定義聲明)
ASP.NET Core 2.0 Web API Azure Ad v2 Token Authorization not working(ASP.NET Core 2.0 Web API Azure Ad v2 令牌授權(quán)不起作用)
ASP Core Azure Active Directory Login use roles(ASP Core Azure Active Directory 登錄使用角色)
How do I get Azure AD OAuth2 Access Token and Refresh token for Daemon or Server to C# ASP.NET Web API(如何獲取守護(hù)進(jìn)程或服務(wù)器到 C# ASP.NET Web API 的 Azure AD OAuth2 訪問令牌和刷新令牌) - IT屋-程序員軟件開發(fā)技
.Net Core 2.0 - Get AAD access token to use with Microsoft Graph(.Net Core 2.0 - 獲取 AAD 訪問令牌以與 Microsoft Graph 一起使用)
Azure KeyVault Active Directory AcquireTokenAsync timeout when called asynchronously(異步調(diào)用時 Azure KeyVault Active Directory AcquireTokenAsync 超時)
主站蜘蛛池模板: 成人片网址 | 91精品国产色综合久久 | 亚洲精品黄 | 91精品在线看 | 日本福利视频免费观看 | 一级免费黄色 | 一级片av | 亚洲激精日韩激精欧美精品 | 岛国在线免费观看 | www.三级 | 99在线免费视频 | 日韩亚洲视频 | 欧美日韩一区二区三区四区 | 国产一区二区三区四区在线观看 | 精品欧美一区二区中文字幕视频 | 一区日韩 | 久久久.com | 亚洲欧美激情国产综合久久久 | 日本特黄a级高清免费大片 国产精品久久性 | 欧美激情亚洲激情 | 日韩综合网 | 先锋影音资源网站 | 密色视频 | 在线观看日韩av | 日韩美香港a一级毛片免费 国产综合av | 精品欧美黑人一区二区三区 | 91一区二区 | 久久噜噜噜精品国产亚洲综合 | 91精品国产一区二区三区 | 国产精品久久久久久高潮 | 成人国产精品一级毛片视频毛片 | 精品欧美激情精品一区 | 欧美精品成人一区二区三区四区 | 成人在线视频免费观看 | 免费99精品国产自在在线 | 九九久久精品 | av毛片在线播放 | 亚洲第一区久久 | 久久精品99久久 | 成人一区二区电影 | 四虎永久免费黄色影片 |