-
I am using following configuration for my Identity Manager, everytime I pass my access token - it throws 401 (Unauthorized)
app.Map("/admin", adminApp =>
{
```
var factory = new IdentityManag…
-
When use CookieAuthentication for a webapi site, how to make HttpClient can be access a controller that the AuthorizeAttribute was applied?
If i use SignInManager.PasswordSignInAsync(user, password, …
-
Hi, having policies for authorization is a great step forward, however I think the current implementation still enforces a very strong coupling between the target (e.g. controller action) and the poli…
-
This is a question; the answer might be obvious, but not to me, since I am a newbie...
I am experimenting with securing the RESTier endpoint with something as simple as Basic Authentication (e.g. usi…
-
`[Authorize(nameof(Privilege.UsersManagement), nameof(Privilege.DepartmentsManagement)]`
instead of
`[Authorize(nameof(Privilege.UsersManagement) + "," + nameof(Privilege.DepartmentsManagement)`
i4004 updated
8 years ago
-
While trying to have 2 cookie auth middlewares with same cookie name but different reaction to unauthorized access (no auto challenge for api controolers) we stumbled upon a strange behavior:
When a…
-
Hi,
It hope it's really simple, but I don't see an easy way to exclude any operations that have a specific custom attribute placed on them. The extra bit here is that we want to serve 2 types of swag…
-
Hi.
Actually in the asp.net 5 (1.0.0-rc1-final) the values of the Roles property in Authorize attribute aren't trimmed before using it.
This lead to the situation where if for any reason you have thi…
-
I have a multi-tenant environment. When a user is not authenticated, I want to redirect the user to a login page specific to their client (e.g. /client/{blah}/Account/Login).
In Identity 2.0, I coul…
-
Just want to say, love this project btw!! Love the examples as well, although an AngularJs one would be nice, with details on how to use refresh_tokens, but i am sure this will all come with time.
I…