配置应用以进行 ADAL 身份验证Configure your app for ADAL authentication

本主题介绍配置应用以进行基于 Azure Active Directory 身份验证库 (ADAL) 的步骤。This topic describes the steps for configuring your app for Azure Active Directory Authentication Library (ADAL) based authentication.

Azure 身份验证设置Azure authentication setup

需要以下各项:You will need the following:

备注

询问你的 IT 管理员你是否具有 Microsoft Azure Rights Management 订阅,请你的 IT 管理员执行以下步骤。Ask your IT Admin whether or not you have a subscription for Microsoft Azure Rights Management and, have your IT Admin perform the steps below. 如果你的组织没有订阅,应请 IT 管理员创建订阅。If your organization does not have a subscription, you should have your IT admin create one. 此外,IT 管理员应使用工作或学校帐户而不是Microsoft 帐户(即 Hotmail)进行订阅。Also, your IT Admin should subscribe with a Work or school account, rather than a Microsoft account (i.e. Hotmail).

注册 Microsoft Azure 后:After signing up for Microsoft Azure:

Azure 登录

  • 向下浏览到门户右侧的 Active Directory 应用程序。Browse down to the Active Directory application on the left side of the portal.

选择 Active Directory

  • 如果尚未创建目录,请选择门户左下角的新建按钮。If you haven’t created a directory already, choose the New button located in the bottom left corner of the portal.

选择“新建”

  • 选择 Rights Management 选项卡,确保 Rights Management 状态活动未知未授权Select the Rights Management tab and ensure that the Rights Management Status is either Active, Unknown or Unauthorized. 如果状态为非活动,请选择门户正下方的激活按钮并确认选择。If the status is Inactive, choose the Activate button at the bottom, center portion of the portal and confirm your selection.

选择“激活”

  • 现在,选择目录并选择“应用程序”,以便在该目录中创建新的本机应用程序Now, create a new Native Application in your directory by selecting your directory, choosing Applications.

选择“应用程序”

  • 然后选择门户正下方的添加按钮。Then choose the Add button located in the bottom, center portion of the portal.

选择“添加”

  • 出现提示时,选择添加我的组织正在开发的应用程序At the prompt choose Add an application my organization is developing.

选择“添加我的组织正在开发的应用程序”

  • 选择本机客户端应用程序,然后选择下一步按钮,以便对应用程序进行命名。Name your application by selecting NATIVE CLIENT APPLICATION and choosing the Next button.

对应用进行命名

  • 添加重定向 URI,并选择“下一步”。Add a redirection URI and choose next. 重定向 URI 必须是有效的 URI 且对你的目录唯一。The redirection URI needs to be a valid URI and unique to your directory. 例如,可以使用与 https://contoso.azurewebsites.net/.auth/login/done 类似的 URIFor example, you could use something like https://contoso.azurewebsites.net/.auth/login/done.

添加重定向 URI

  • 在目录中选择你的应用程序,然后选择配置Select your application in the directory and choose CONFIGURE.

选择“配置”

备注

配置 RMS 客户端时,复制客户端 ID重定向 URI 并将其存储供将来使用。Copy the CLIENT ID and REDIRECT URI and store them for future use when configuring the RMS client.

  • 浏览到应用程序设置的底部,选择其他应用程序的权限下的添加应用程序按钮。Browse to the bottom of your application settings and choose the Add application button under permissions to other applications.

备注

向 Windows Azure Active Directory 显示的委托权限默认情况下是正确的 – 仅应选择一个选项,即登录并读取用户配置文件The Delegated Permissions that are shown for Windows Azure Active Directory are correct by default – only one option should be selected and that option is Sign in and read user profile.

选择“添加应用程序”

  • 选择 Microsoft Rights Management 旁边的加号按钮。Choose the plus button next to Microsoft Rights Management.

选择“+”按钮

  • 现在,选中对话框左下角的复选标记。Now, choose the check mark located on the bottom left corner of the dialog.

选中复选标记

  • 现在即可向应用程序添加 Azure RMS 依赖关系。You’re now ready to add a dependency to your application for Azure RMS. 若要添加依赖关系,请选择其他应用程序的权限下的新增 Microsoft Rights Management Services 项,然后选择委托的权限: 下拉框下的创建和访问用户受保护内容复选框。To add the dependency, select the new Microsoft Rights Management Services entry under permissions to other applications and choose the Create and access protected content for users checkbox under the Delegated Permissions: drop box.

设置权限

  • 选择门户正下方的保存图标,保存应用程序以保留更改。Save your application to persist the changes by choosing the Save icon located on the bottom, center of the portal.

选择“保存”