Closed Tratcher closed 7 years ago
If you have errors during authentication it can throw exceptions. In Production these are caught by app.UseExceptionHandler("/Home/Error"); and re-executed. However, Home/Error requires Authorization and you get stuck in an infinite loop. https://github.com/aspnet/Templates/blob/dev/src/Rules/StarterWeb/OrganizationalAuth/Single/NoRead/Startup.cs https://github.com/aspnet/Templates/blob/dev/src/Rules/StarterWeb/OrganizationalAuth/Common/Controllers/HomeController.cs
app.UseExceptionHandler("/Home/Error");
@blowdart
Hmm, I wonder if it's worth overriding the authorize attribute on whatever the exception handler route is, even if you have set it.
Should we just set AllowAnonymous on the Error Action on the controller?
If you have errors during authentication it can throw exceptions. In Production these are caught by
app.UseExceptionHandler("/Home/Error");
and re-executed. However, Home/Error requires Authorization and you get stuck in an infinite loop. https://github.com/aspnet/Templates/blob/dev/src/Rules/StarterWeb/OrganizationalAuth/Single/NoRead/Startup.cs https://github.com/aspnet/Templates/blob/dev/src/Rules/StarterWeb/OrganizationalAuth/Common/Controllers/HomeController.cs@blowdart