Question
I had never dealt with Active Directory, much less Azure Active Directory before, plus my understanding of how web security works is extremely shaky. So, please, be gentle no matter how stupid I sound on the topic.
I'm currently trying to set up an MVC website security based on Azure Active Directory. I followed the following tutorial:
http://msdn.microsoft.com/en-us/library/windowsazure/dn151790.aspx
For my "APP URL" and "APP ID URI" options in the "Register a New Application" step I had entered "http://localhost:1111/Account/Login/" hoping that only when I try to redirect to a Login page by clicking on a Login button I will have to authenticate through Azure. However, I'm prompted to authenticate through Azure as soon as my app starts and before I even get a chance to get redirected to a Login page.
I need the website users to have an unauthorized access to some pages. Therefore, having them prompted for credentials as soon as the app starts doesn't really work for me.
Can someone give me pointers, links, sequence of steps and code bits if need be that I can use to make my app only hit Azure AD when a login is requested by the user?
Thanks a lot in advance.
Solution
The Identity and Access tool by default changes the configuration in the web.config to require all unauthenticated users be redirected to the authentication provider.
https://stackoverflow.com/questions/17162631
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russian<authorization>
<deny users="?" />
</authorization>
I believe you'll need to change to something like
<authorization>
<allow users="?" />
</authorization>
Then in your app, you'll need to handle authentication for specific resources (e.g. add [Authorize] attribute to controller actions, etc.)
