Curtis Elliott

Reputation: 59

MVC - ADFS Authentication - ADFS redirects to localhost

I'm trying to publish a new MVC application to an Azure App Service. The app uses ADFS single sign on authentication, I have added a relying party trust on the ADFS server and can login when testing on localhost.

After publishing to my app service and trying to login it redirects to ADFS but once authenticating it redirects to localhost.

I have tried to research the issue and found the following blog and screenshot: http://rickrainey.com/2014/07/28/authenticating-with-organizational-accounts-and-azure-active-directory/

Enable Organisational Authentication

But in Visual Studio 2015 and 2017 my settings look like this: https://i.sstatic.net/OfZEF.jpg

And the following question (which is relevant to VS 2013) points to enabling organisational authentication, but the comment on the accepted answer says that the option has been removed in VS 2015. Published ASP.NET MVC 5 app with Organizational Account authentication Redirects back to localhost

My question is what are the steps in VS 2015 or 2017 to enable organisational authentication and stop my app redirecting to localhost once ADFS has authenticated?

Upvotes: 1

Views: 3191

Answers (2)

Curtis Elliott

Reputation: 59

After much googling I found the problem wasn't enabling organisational authentication, it's actually in ADFS settings for my relying party trust.

You have to edit the relying party trust on your ADFS server. Right click > Properties > Endpoints > Add a WS-Federation Endpoint pointing to your https root site URL > Tick set as default.

WS-Federation Endpoint

My site now works and authenticates with ADFS.

Upvotes: 0
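The same change the answer above makes through the AD FS GUI (Relying Party Trust > Properties > Endpoints > add a WS-Federation endpoint and set it as default) can be scripted with the AD FS PowerShell module. This is an added example, not code from the original post; the trust name and the published site URL are placeholders, and the script is meant to run in an elevated PowerShell session on the AD FS server:

```powershell
# Added example (not part of the original post): point the relying party
# trust's default WS-Federation passive endpoint at the published HTTPS site
# and verify the result. Trust name and URL below are assumed placeholders.
Import-Module ADFS

$trustName = "MyMvcApp"                          # assumed display name of the relying party trust
$appUrl    = "https://myapp.azurewebsites.net/"  # assumed root URL of the published App Service (must be HTTPS)

# Show where AD FS currently sends the token after sign-in. When the trust was
# created for local testing this is typically the https://localhost:... URL,
# which is exactly why the published app ends up redirected to localhost.
$rp = Get-AdfsRelyingPartyTrust -Name $trustName
"Current WS-Fed endpoint: $($rp.WSFedEndpoint)"

# Replace the default WS-Fed endpoint with the published site's root URL.
# -WSFedEndpoint takes a single Uri and becomes the default passive endpoint.
Set-AdfsRelyingPartyTrust -TargetName $trustName -WSFedEndpoint $appUrl

# Verify the change took effect and that the endpoint is HTTPS before relying on it.
$rp = Get-AdfsRelyingPartyTrust -Name $trustName
if ($rp.WSFedEndpoint.AbsoluteUri -ne $appUrl) {
    throw "WS-Fed endpoint was not updated (still $($rp.WSFedEndpoint))"
}
if ($rp.WSFedEndpoint.Scheme -ne "https") {
    throw "WS-Fed endpoint must use HTTPS, got $($rp.WSFedEndpoint.Scheme)"
}
"WS-Fed endpoint is now: $($rp.WSFedEndpoint)"
```

The WS-Fed endpoint is the address AD FS posts the signed token to, so it must be the exact HTTPS root of the site users actually reach; the trust's identifier (the `wtrealm` the app sends) is a separate setting and is not changed by this script. If a localhost endpoint was registered only for development, replacing it this way rather than keeping both avoids leaving a non-production reply address on a production trust.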

EvertonMc

Reputation: 383

I would rather recommend you look into the ADFS configuration here:

https://technet.microsoft.com/en-us/windows-server-docs/identity/ad-fs/development/single-page-application-with-ad-fs#registering-the-public-client-in-ad-fs

Have a look at the redirected ADFS URL:

https://youradfsserver/oauth2/authorize?response_type=id_token&redirect_uri=https%3A%2F%2Flocalhost%3A44388%2F...... You have a query parameter named redirect_uri, which is probably built from the SignIn method in your account controller:

    using System.Web;
    using System.Web.Mvc;
    using Microsoft.Owin.Security;
    using Microsoft.Owin.Security.OpenIdConnect;

    public class AccountController : Controller
    {
        public void SignIn()
        {
            // Send an OpenID Connect sign-in request.
            if (!Request.IsAuthenticated)
            {
                // RedirectUri here is the local path to return to after sign-in completes.
                HttpContext.GetOwinContext().Authentication.Challenge(
                    new AuthenticationProperties { RedirectUri = "/" },
                    OpenIdConnectAuthenticationDefaults.AuthenticationType);
            }
        }
    }

Make sure it is not an absolute URL.

Upvotes: 0
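To check the thing this answer points at, decode the redirect_uri from the authorize URL the browser was sent to and compare it with the redirect URIs registered for the OAuth client in AD FS (the registration the linked article describes). This is an added example, not code from the original post; the authorize URL is a constructed sample, the client name is a placeholder, and the script is meant to run on the AD FS server:

```powershell
# Added example (not part of the original post): extract redirect_uri from an
# AD FS /oauth2/authorize request and check it against the OAuth client's
# registered redirect URIs. The URL and client name below are constructed
# placeholders, not values from a real environment.
Import-Module ADFS
Add-Type -AssemblyName System.Web

# Constructed sample of the URL the app redirected the browser to
$authorizeUrl = "https://youradfsserver/oauth2/authorize?response_type=id_token&client_id=mymvcapp&redirect_uri=https%3A%2F%2Flocalhost%3A44388%2F"
$clientName   = "MyMvcApp"   # assumed name of the OAuth client registered with Add-AdfsClient

# Decode the redirect_uri the application actually asked for
$query     = [System.Web.HttpUtility]::ParseQueryString(([Uri]$authorizeUrl).Query)
$requested = $query["redirect_uri"]
"App requested redirect_uri: $requested"

# AD FS only returns the id_token to a redirect URI registered for this client
$client     = Get-AdfsClient -Name $clientName
$registered = @($client.RedirectUri)
"Registered redirect URIs: $($registered -join ', ')"

if ($registered -contains $requested) {
    "OK: redirect_uri is registered for $clientName"
    if (([Uri]$requested).Host -eq "localhost") {
        "Warning: the app is still sending a localhost redirect_uri; fix the app's configured redirect URI for the published site"
    }
} else {
    "Mismatch: AD FS will not send the token to $requested"
    "Either correct the redirect URI the app sends, or register it with:"
    "  Set-AdfsClient -TargetName '$clientName' -RedirectUri (@('$($registered -join "','")') + '$requested')"
}
```

The comparison is exact-match on purpose: AD FS matches the registered redirect URI literally, so a trailing slash or a different port is enough to produce a mismatch, and registering a broad set of URIs just to make the check pass is not a fix.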
