Is it ever advisable to use loginPopup or acquireTokenPopup in MSAL for a web app?

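According to the MSAL documentation, the redirect method is recommended if you want to support IE, or if users have browser constraints or policies where pop-up windows are disabled.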

You can't use both the pop-up and redirect methods in your application. The choice between a pop-up or redirect experience depends on your application flow:

  • If you don't want users to move away from your main application page during authentication, we recommend the pop-up method. Because the authentication redirect happens in a pop-up window, the state of the main application is preserved.
  • If users have browser constraints or policies where pop-up windows are disabled, you can use the redirect method. Use the redirect method with the Internet Explorer browser, because there are known issues with pop-up windows on Internet Explorer.

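Based on this, I can't imagine why anyone would want to use the pop-up experience, since it could prevent users who have pop-ups disabled from logging in. It seems like this would only be appropriate when running in a very controlled environment. Is there something I'm missing?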

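A common reason to choose pop-ups over redirects is that redirects can only be used in the top-level frame of an application. If your application is rendered in an iframe, pop-ups are your only option for interactive authentication. Apart from this limitation, it is mostly a user-experience decision.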
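
The frame constraint described in the answer above, as an added example that is not part of the original answer or of MSAL itself: the interaction method is chosen once from the frame context, and a blocked pop-up is reported instead of silently failing. It assumes `client` is an MSAL.js `PublicClientApplication`; `isFramed`, `pickInteraction` and `getToken` are hypothetical helper names.

```javascript
// Added example: `client` is assumed to be an MSAL.js PublicClientApplication.
// isFramed, pickInteraction and getToken are hypothetical helper names.

// Error codes @azure/msal-browser reports when a pop-up could not be opened.
const POPUP_BLOCKED = new Set(["popup_window_error", "empty_window_error"]);

// True when the page is rendered inside a frame rather than as the top-level page.
function isFramed(win) {
  try {
    return win.self !== win.top;
  } catch (e) {
    return true; // defensive: if the check itself fails, assume framed
  }
}

// Decide once at startup and keep to that method for the whole application.
function pickInteraction(win, preferPopup) {
  return isFramed(win) || preferPopup ? "popup" : "redirect";
}

// Silent first; use the chosen interactive method only when MSAL requires it.
async function getToken(client, mode, request) {
  try {
    return { status: "ok", result: await client.acquireTokenSilent(request) };
  } catch (err) {
    if (err.name !== "InteractionRequiredAuthError") throw err;
  }
  if (mode === "redirect") {
    await client.acquireTokenRedirect(request); // browser navigates away
    return { status: "redirecting" };
  }
  try {
    return { status: "ok", result: await client.acquireTokenPopup(request) };
  } catch (err) {
    if (!POPUP_BLOCKED.has(err.errorCode)) throw err;
    // Nothing to fall back to in an iframe: ask the user to allow pop-ups.
    return { status: "popup_blocked" };
  }
}
```

A caller would compute `pickInteraction(window, false)` once at load and show an "allow pop-ups for this site" prompt when `getToken` returns `popup_blocked`.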