darkezm0
darkezm0

Reputation: 103

authorization failing with custom authentication scheme - asp.net-core 3.0

i'm using:

services.AddAuthentication().AddCookie("custom", options=> {
                options.LoginPath = "/admin/in";
                options.LogoutPath = "/admin/out";
            });

in ConfigureServices to register a custom authentication scheme.

when i try to use this scheme in my controller:

[Authorize(Roles = "admin", AuthenticationSchemes = "custom")]
        public ActionResult Index()
        {
            return View();
        }

it simply redirects me to the login page even if the user is logged in and is in the correct role.

now if i change the AuthenticationScheme to be:

[Authorize(Roles = "admin", AuthenticationSchemes = "Identity.Application")]
        public ActionResult Index()
        {
            return View();
        }

everything works correctly and the user is authorized.

is there something i'm missing in the setup of the custom authentication scheme? how do i get my custom authentication scheme to work the same way Identity.Application does?

thanks

ps: i'm using asp.net core 3.0 preview 9

Upvotes: 0

Views: 823

Answers (1)

darkezm0
darkezm0

Reputation: 103

it appears that setting options.ForwardAuthenticate = "Identity.Application"; solves this problem:

public void ConfigureServices(IServiceCollection services)
        {
            services.AddAuthentication().AddCookie("custom", options=> {
                options.LoginPath = "/admin/in";
                options.LogoutPath = "/admin/out";
                options.AccessDeniedPath= "/admin/in";
                options.ForwardAuthenticate = "Identity.Application";
            });

        }

this should really be documented

Upvotes: 1

Related Questions