aspnetcore: cannot authorize with custom scheme
I’m using:
services.AddAuthentication().AddCookie("custom", options=> {
options.LoginPath = "/admin/in";
options.LogoutPath = "/admin/out";
});
to register the scheme “custom” but when i try and authorize on the controller doing this:
[Authorize(Roles = "admin", AuthenticationSchemes = "custom")]
public ActionResult Index()
{
return View();
}
it doesn’t authorize the user and redirects to login page even though the user is logged in and is in the correct role.
if, however, i try this:
[Authorize(Roles = "admin", AuthenticationSchemes = "Identity.Application")]
public ActionResult Index()
{
return View();
}
the same user will happily authorize and i can get through to the page.
so my question is - how can i get my “custom” authentication scheme to work like “Identity.Application”. is there additional configuration required to get the custom authentication scheme to work correctly?
thanks.
Document Details
⚠ Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.
- ID: ee71441f-471a-89cd-0ef4-9b32b5dd85cf
- Version Independent ID: 0096c365-2f4e-5d21-89a0-c4f10fcb0ed9
- Content: Authorize with a specific scheme in ASP.NET Core
- Content Source: aspnetcore/security/authorization/limitingidentitybyscheme.md
- Product: aspnet-core
- Technology: aspnetcore-security
- GitHub Login: @Rick-Anderson
- Microsoft Alias: riande
About this issue
- Original URL
- State: closed
- Created 5 years ago
- Comments: 28 (14 by maintainers)
it appears that setting
options.ForwardAuthenticate = "Identity.Application";solves this problem:this should really be documented