487 questions
1
vote
1
answer
53
views
.Net Core custom error handling from unauthorized access
I am trying to implement a simple custom error handling page, after went through different approaches online, I have the following code:
Statup.cs
public void Configure(IApplicationBuilder app, ...
- 1,078
0
votes
1
answer
31
views
AuthenticationState HashCode changes
I have Blazor Application in ASP.NET Core 8.0, and I'm dealing with a problem with AuthenticationState.
I extended the AuthorizeView class and overrided OnParametersSetAsync() method to implement ...
0
votes
1
answer
214
views
Cookies Not Set After Microsoft Login Redirection in Production Environment ( ASP.NET)
I’m facing an issue where cookies are not being set properly after a Microsoft login redirection in my web application. The login flow works fine locally in an HTTPS environment, but in production, ...
- 1
0
votes
2
answers
83
views
Accessing user identity and claims prior to Authorization with policies
Have an API written in .NET 8
My pipeline goes something like
app.UseAuthentication()
....
app.UsePreAuthMiddleWares() // Have a group of middlewares required prior to authorization
app....
- 1,261
0
votes
0
answers
26
views
Unauthorization error after installing the package Microsoft.Azure.StackExchangeRedis
I'm using Microsoft.AspNetCore.Authorization for Authorization and implemented working fine and authorize with valid token initially, after implementing Redis cache package Microsoft.Azure....
- 11
0
votes
1
answer
77
views
ASP.NET Core authorization : how to restrict anonymous to see data dynamically while allowing logged in user to see everything
I'm working on a Blazor Wasm web app. I have a Web API for retrieving and editing the data. Now I want to add authorization to my app but I keep confusing myself.
I want to use a blog with posts and ...
- 83
2
votes
1
answer
687
views
Cookie not set in Angular project when calling ASP.NET Core 6 Web API despite Set-Cookie header
I'm working with an ASP.NET Core 6 Web API backend that uses cookie authentication, and an Angular frontend.
The backend API runs on http://localhost:5001 and uses Swagger for testing.
When I call the ...
- 160
2
votes
3
answers
3k
views
ASP.NET Core 8: custom parameterized authorization atttribute
I thought I had a very simple goal, a custom attribute to be assigned per-endpoint (ApiController method) that could be used for endpoint-specific authorization purposes, effectively authorizing an ...
- 360
1
vote
1
answer
132
views
Authorize(Roles = ...) not working on ASP.NET Core 6 microservice
I am trying to use the Authorize attribute to validate a user's roles, but it never actually checks the role (any call with any role will go through successfully). Here, I just put in a check for a ...
- 987
0
votes
0
answers
40
views
What is the difference between authorization claims and request parameters in ASP.NET?
What is the difference between using an authorization claim or role, and using the parameter of a, let's say, GET request?
For example, I want a user to access only his own data.
I can have a ...
- 83
0
votes
1
answer
48
views
How to implement roles in ASP.NET MVC project on .NET 4.x?
I am working with Visual Studio 2019 (.NET 4.7). My project is an ASP.NET MVC web app, without Microsoft Identity.
I try to implement the mechanism of authentication and authorization because I want ...
1
vote
1
answer
80
views
How can I filter requests in ASP.NET Core by user role before calling API
I have an ASP.NET Core Web API secured by JWT and authorization enabled. The API is being consumed with a Blazor client app. I am using services based on REFIT to call the API from the client. The ...
- 11
2
votes
4
answers
401
views
Blazor authorize attribute not detecting roles
I'm trying to use the authorize attribute with roles but it doesn't seem to be detecting the roles correctly. The first component below I'd expect to work as my user is in the system admin role but ...
- 101
0
votes
1
answer
65
views
Custom HandleRequirement method does not trigger
I am attempting to create a custom authorization policy for ASP.NET Core 6 MVC, but I cannot seem to get the requirement to evaluate. Here is the auth handler along with the requirement and the ...
- 13
0
votes
1
answer
198
views
ASP.NET Azure AD / Entra Authentication - App roles in token, but not being assigned to principal
I'm using Azure AD/Entra for OIDC authentication:
services
.AddAuthentication()
.AddMicrosoftIdentityWebApp(
configuration.GetSection("AzureAd"),
...
- 8,327