search

aspnet / Identity

[Archived] ASP.NET Core Identity is the membership system for building ASP.NET Core web applications, including membership, login, and user data. Project moved to https://github.com/aspnet/AspNetCore
Apache License 2.0
1.96k stars 868 forks source link

[EF] [Authorize(Roles = "X")] does not work when a different table name is specified for IdentityUser #280

Closed dannevesdantas closed 9 years ago

dannevesdantas commented 9 years ago

When developing an application in Code First approach, if you try to specify a different name for the users table (please see code below) the [Authorize] attribute will not work properly :(

// In the database Context class, inside OnModelCreating event... dbModelBuilder.Entity<IdentityUser>().ToTable("OtherName"); // Specify a different name for the IdentityUser table

The [Authorize] attribute will prevent unauthenticated users to access :+1: no problems so far... However, when you specify one (or more) roles in the Roles parameter, for example: [Authorize(Roles = "ExampleRole")] even if your user is registered in this role, it will not allow access :(

I did some simple tests and noticed that it is not a problem of cookies, even seems to be a problem in the AuthorizeAttribute class

rustd commented 9 years ago

Can you please post a sample that reproes this? You need to refresh the Identity (logout and login) for the new roles to be picked up

rustd commented 9 years ago

Please reopen this issue if it still reproes.