问题
I am using azure Access Control System (ACS)
in my web application to authenticate users from different identity providers. I successfully registered my application to use ACS. Now i removed my full website security with ACS by removing following content from web.config file :
<authorization>
<deny users="?" />
</authorization>
After removing this my users can access my website home page without login. Now on my homepage i set up a link SignIn
. I want to know how can i redirect my users to ACS default login page when user click over the SignIn link ? ( similarly when asp.net application redirect user to ACS login page if user is not authenticated and trying to access the controller which is decorated by Authorize attribute )
回答1:
You can either manually construct the URL by using the SignInRequestMessage class, or call
FederatedAuthentication.WSFederationAuthenticationModule.RedirectToIdentityProvider() (IIRC).
回答2:
The following code will redirect you to the federated account login page:
public class AccountController : Controller
{
public ActionResult SignIn(string returnUrl)
{
if (String.IsNullOrEmpty(returnUrl))
{
returnUrl = Url.Content("~/");
}
var signInRequest = FederatedAuthentication.WSFederationAuthenticationModule.CreateSignInRequest(
"passive",
returnUrl,
FederatedAuthentication.WSFederationAuthenticationModule.PersistentCookiesOnPassiveRedirects);
return Redirect(signInRequest.RequestUrl);
}
// SignOut, SignOutCallback below from typical MVC template
}
回答3:
Also - I believe that WIF includes a control that will display that sign-in link for you
回答4:
Here's how I've done it in my MVC app.
Allow users access to all unprotected pages with this declaration in web.cofig:
<location path="FederationMetadata">
<system.web>
<authorization>
<allow users="*" />
</authorization>
</system.web>
Use the RequireHttps attribute on my Logon method:
[HttpGet]
[RequireHttps]
public ActionResult LogOn(string returnUrl)
{
if (string.IsNullOrWhiteSpace(returnUrl))
returnUrl = "/reports";
return LogOnCommon(returnUrl);
}
and use the authentication section of web.config where my Login page is:
<system.web>
<authentication mode="Forms">
<forms loginUrl="~/account/logon" timeout="2880" />
</authentication>
</system.web>
来源:https://stackoverflow.com/questions/14522717/how-to-redirect-user-to-acs-default-login-page