Reputation: 4732
Implement Basic Auth in ASP.NET 5
I’m using ASP.NET Identity with Forms auth in an MVC6 application, and trying to implement Basic auth for the API endpoints.
I would have thought there’d be a pre-built middleware that does it, but haven’t been able to find it. I’ve had a look at the Filters test website https://github.com/aspnet/Mvc/tree/dev/test/WebSites/FiltersWebSite and I can’t seem to work out what it’s doing/which parts are important.
I’ve tried using the pre-5 approach of manually doing basic auth in an authorizationfilter, but SuppressFormsAuthenticationRedirect seems to be gone, and the CookieAuthenticationHandler keeps redirecting to the login page.
Upvotes: 4
Views: 1643
Answers (2)
Reputation: 1850
Since you are targeting IIS, I suggest leveraging IIS for basic authentication. You can drop a web.config file into your wwwroot folder with a section to configure your basic authentication options.
If you want to remain host agnostic, you will need middleware. Here is someones implementation: https://github.com/Kukkimonsuta/Odachi/tree/master/src/Odachi.Security.BasicAuthentication
Upvotes: 0
Reputation: 19705
Basic auth is not there by design. Security team is against it. They will probably make a sample later.
you can read a discussion on the issue here : https://github.com/aspnet/Security/issues/209
Upvotes: 2
Related Questions
- Basic authentication in ASP.NET MVC 5
- Basic Authentication in ASP.NET Core
- How can I use basic authentication in my application?
- MVC Core 2.0 and ASP.NET Forms Based Authentication
- How do i get this Basic Authentication working in .NET Core
- How to implement simple authentication in ASP.NET MVC 5
- New Authentication-System from ASP.NET Core 1.0 (aka ASP.NET 5)
- MVC 4.5 - simplest authentication
- Implemented BasicAuth, says its missing BasicAuth?
- Adding basic authentication to ASP MVC action