I need to add additional authentication method to the existing Web API application that already has the Windows authentication. I have added a Startup file with the code:
using System.Configuration;
using Microsoft.IdentityModel.Tokens;
using Microsoft.Owin;
using Microsoft.Owin.Security.ActiveDirectory;
using Owin;
[assembly: OwinStartup(typeof(TodoList_Web.Startup))]
namespace TodoList_Web
{
public class Startup
{
public void Configuration(IAppBuilder app)
{
app.UseWindowsAzureActiveDirectoryBearerAuthentication(
new WindowsAzureActiveDirectoryBearerAuthenticationOptions
{
Tenant = ConfigurationManager.AppSettings["ida:Tenant"],
TokenValidationParameters = new TokenValidationParameters
{
ValidAudience = ConfigurationManager.AppSettings["ida:Audience"]
},
});
}
}
}
Windows authentication is turned on IIS level and it seems that I should turn of it in IIS and add on the application level - add the configuration to the web.config file:
<system.webServer>
<security>
<authentication>
<windowsAuthentication enabled="true" />
</authentication>
</security>
Will it work at all? Can I somehow use an Authorize attribute to specify what authentication should be applied to particular method/controller? Something like this:
[Authorize(AuthenticationType=Windows)]
or
[Authorize(AuthenticationType=WindowsAzureActiveDirectoryBearer)]
Aucun commentaire:
Enregistrer un commentaire