Can't access dashboard resources when enabling DOTNET_DASHBOARD_UNSECURED_ALLOW_ANONYMOUS in 8.2.0

[asimmon]

Is there an existing issue for this?

• [X] I have searched the existing issues

Describe the bug

Modifying a newly created aspire-starter app host to set DOTNET_DASHBOARD_UNSECURED_ALLOW_ANONYMOUS=true doesn't provide access to the dashboard resources, traces, logs and metrics. This error appears instead.

When looking at the distributed app builder, IsDashboardUnsecured returns true, so we skip the API keys setup:

The DashboardLifecycleHook class sets DASHBOARD__FRONTEND__AUTHMODE, DASHBOARD__RESOURCESERVICECLIENT__AUTHMODE, and DASHBOARD__OTLP__AUTHMODE to Unsecured.

Yet the authorization error happens.

Expected Behavior

Resources, logs, metrics and traces should be visible for the default apps orchestrated by the aspire-starter template.

Steps To Reproduce

• Create a new aspire-starter project using .NET Aspire 8.2.0
• Use the code below for the app host's Program.cs
• Run the app host and open the dashboard in your browser (any profile, in private, guest mode, etc.)

var builder = DistributedApplication.CreateBuilder([
    "DOTNET_DASHBOARD_UNSECURED_ALLOW_ANONYMOUS=true"
]);

var apiService = builder.AddProject<Projects.aspire_ApiService>("apiservice");

builder.AddProject<Projects.aspire_Web>("webfrontend")
    .WithExternalHttpEndpoints()
    .WithReference(apiService);

builder.Build().Run();

Exceptions (if any)

No response

.NET Version info

.NET SDK:
 Version:           8.0.401
 Commit:            811edcc344
 Workload version:  8.0.400-manifests.57f7c351
 MSBuild version:   17.11.4+37eb419ad

Runtime Environment:
 OS Name:     Windows
 OS Version:  10.0.22631
 OS Platform: Windows
 RID:         win-x64
 Base Path:   C:\Program Files\dotnet\sdk\8.0.401\

.NET workloads installed:
Configured to use loose manifests when installing new manifests.
 [aspire]
   Installation Source: SDK 8.0.400, VS 17.10.35122.118
   Manifest Version:    8.2.0/8.0.100
   Manifest Path:       C:\Program Files\dotnet\sdk-manifests\8.0.100\microsoft.net.sdk.aspire\8.2.0\WorkloadManifest.json
   Install Type:              Msi

Anything else?

• ASP.NET Core version: 8.0.8
• .NET Aspire version (Aspire.Hosting.AppHost): 8.2.0
• .NET Aspire workload: 8.2.0
• IDE is Rider 2024.2

[davidfowl]

cc @JamesNK @drewnoakes can you take a look? This is a regression