none
[c#][Mobile Apps] "You do not have permission to view this directory or page" after adding Authorization to mobile app RRS feed

  • Question

  • Having got the Quickstart working I have added Authorization using 

    https://azure.microsoft.com/en-us/documentation/articles/app-service-mobile-how-to-configure-active-directory-authentication/

    and

    https://azure.microsoft.com/en-us/documentation/articles/app-service-mobile-cordova-get-started-users/

    When I run the quickstart client app the aad login page is displayed for my AD app. I enter the  Microsoft username I use to connect to Azure etc and am redirected to the usual Microsoft login page to enter my password. On entering my passsword I am redirected to :

    https://mytestapp.azurewebsites.net/.auth/login/aad/callback

    Which displays the message "You do not have permission to view this directory or page."

    What have I missed ?

    If  I cut and paste https://mytestapp.azurewebsites.net/.auth/login/aad/callback into the browser window of my client App I get a success message "You have successfully signed in" and under that "Return to the web site" That link takes me to the main page "https://mytestapp.azurewebsites.net" whch displays the "This Mobile app is up and running" message.


    martin




    Friday, June 10, 2016 12:51 PM

Answers

All replies

  • Hello Martin,

    Since you have not posted any code, I'm going to have to guess

    1) Check your Content-Security-Policy - this is in the index.html file of your cordova app.  Ensure it lists both https://login.windows.net and https://mytestapp.azurewebsites.net

    2) Did you use the Express setup for configuring Azure App Service Authentication / Authorization?  If not, repeat the configuration with the Express edition

    3) Did you select "Allow request (no action)" in the "Action to take when request is not authenticated" box?  This box is in the Authentication / Authorization blade of your app service.

    Friday, June 10, 2016 2:49 PM
  • 1) Check your Content-Security-Policy - this is in the index.html file of your cordova app.  Ensure it lists both https://login.windows.net and https://mytestapp.azurewebsites.net

    Looks OK - see below.

    2) Did you use the Express setup for configuring Azure App Service Authentication / Authorization?  If not, repeat the configuration with the Express edition.

    Yes - I did use express.

    3) Did you select "Allow request (no action)" in the "Action to take when request is not authenticated" box?  This box is in the Authentication / Authorization blade of your app service.

    I originally had "Log in with Azure active Directory", but I just changed it to "Allow request (no action)" and the results were identical. What is the point of "Allow request (no action)" - won't this just allow anonymous access ?

    <head>
            <meta charset="utf-8" />
            <meta name="format-detection" content="telephone=no" />
            <meta name="viewport" content="width=device-width, user-scalable=no" />
            <link rel="stylesheet" type="text/css" href="css/index.css" />
            <meta http-equiv="Content-Security-Policy" content="default-src 'self'
        data: gap: https://login.windows.net https://mytestapp.azurewebsites.net; style-src 'self'">
            <title>Todo list: mytestapp</title>
        </head>

    function onDeviceReady() {
            client = new WindowsAzure.MobileServiceClient('https://mytestapp.azurewebsites.net');


            client.login('aad')
        .then(function () {

            // Create a table reference
            todoItemTable = client.getTable('todoitem');

            // Refresh the todoItems
            refreshDisplay();

            // Wire up the UI Event Handler for the Add Item
            $('#add-item').submit(addItemHandler);
            $('#refresh').on('click', refreshDisplay);

        }, handleError);
        }

           

    martin

    Friday, June 10, 2016 3:56 PM
  • Are you using Ripple or on a real device for developing?

    If you are using the Ripple, maybe you occurred the similar issue. you can refer to the Step 4: Fix the Ripple Issues section of the post 30 Days of Zumo.v2 (Azure Mobile Apps): Day 3 – Azure AD Authentication.

    Tuesday, June 14, 2016 7:24 AM
    Moderator
  • Bingo ! I was using Ripple and that was the issue. Thanks Gary. BTW that 30 days of Zumo looks really useful. I wish I had stumbled across it a couple of weeks ago.

    martin

    Tuesday, June 14, 2016 8:33 AM