When I create a user without Administrator and log in to the Identity server everything seems ok.
But if I try and visit the Admin site I get a server 500 error.
Is there a way to prevent this error if the user does not have permissions to the Admin site?
Relevant parts of the log file
{
"TimeStamp": "2020-06-08T13:01:24.8655870",
"Level": "Error",
"Message": "An unhandled exception has occurred while executing the request.",
"MessageTemplate": "An unhandled exception has occurred while executing the request.",
"Exception": "System.Exception: An error was encountered while handling the remote login.\r\n ---> System.Net.Http.HttpRequestException: Response status code does not indicate success: 500 (Internal Server Error).\r\n at System.Net.Http.HttpResponseMessage.EnsureSuccessStatusCode()\r\n at Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.GetUserInformationAsync(OpenIdConnectMessage message, JwtSecurityToken jwt, ClaimsPrincipal principal, AuthenticationProperties properties)\r\n at Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.HandleRemoteAuthenticateAsync()\r\n --- End of inner exception stack trace ---\r\n at Microsoft.AspNetCore.Authentication.RemoteAuthenticationHandler`1.HandleRequestAsync()\r\n at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)\r\n at NWebsec.AspNetCore.Middleware.Middleware.CspMiddleware.Invoke(HttpContext context)\r\n at NWebsec.AspNetCore.Middleware.Middleware.MiddlewareBase.Invoke(HttpContext context)\r\n at NWebsec.AspNetCore.Middleware.Middleware.MiddlewareBase.Invoke(HttpContext context)\r\n at NWebsec.AspNetCore.Middleware.Middleware.MiddlewareBase.Invoke(HttpContext context)\r\n at NWebsec.AspNetCore.Middleware.Middleware.MiddlewareBase.Invoke(HttpContext context)\r\n at NWebsec.AspNetCore.Middleware.Middleware.MiddlewareBase.Invoke(HttpContext context)\r\n at Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware.Invoke(HttpContext context)",
"Properties": {
"EventId": {
"Id": 1,
"Name": "UnhandledException"
},
"SourceContext": "Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware",
"RequestId": "80000071-000e-ff00-b63f-84710c7967bb",
"RequestPath": "/signin-oidc",
"SpanId": "|f8337a8-44a0d2bcc55b7bdf.",
"TraceId": "f8337a8-44a0d2bcc55b7bdf",
"ParentId": "",
"ApplicationName": "IdentityServer4.Admin"
}
}```
Question
When I create a user without Administrator and log in to the Identity server everything seems ok. But if I try and visit the Admin site I get a server 500 error.
Is there a way to prevent this error if the user does not have permissions to the Admin site?
Relevant parts of the log file