blowdart
commented
8 years ago Did you remember to close your browser and clear your cookies, just in case any are hanging around?
If so this is a question for the security repo, not for this tutorial.
Closed valcs007 closed 8 years ago
blowdart
commented
8 years ago Did you remember to close your browser and clear your cookies, just in case any are hanging around?
If so this is a question for the security repo, not for this tutorial.
valcs007
commented
8 years ago Thanks blowdart! Yes, i did clear the cookie and restarted the browser. I have posted the issue in the security thread.
Hi,
I want to configure global authorization for all actions in all my controllers (Forcing it to go through my Account Controller). I am using the below piece of code from the Step_4_Simple_Policies lab project.
Startup.cs: services.AddMvc(config => { var policy = new AuthorizationPolicyBuilder() .RequireAuthenticatedUser() .Build(); config.Filters.Add(new AuthorizeFilter(policy)); });
public class HomeController : Controller { // GET: //
public IActionResult Index()
{
return View();
}
}
I also went through the explanation (Please Refer Step 2 Authorize all Things heading) (https://github.com/blowdart/AspNetAuthorizationWorkshop )
Based on my understanding, i expect the below behavior.
Expected Behavior: After i remove Authorize tag from my Controller, adding global authorization code in startup.cs, prefixing [AllowAnonymous] tag in my account controller, all actions should go via my Login action in my Account controller for authorization
Current Behavior:
System doesn't hit Account Controller login action. This indicates global authorization configuration is not working.
Please let me know if i am missing something.
PS: I have latest RTM core libraries with VS Update 3.
Thanks, Valliappan