issues with Identity and Authorize using Roles and Policy
Multi tool use
it's my first time implementing identity and are having issues with Roles.
I've created two roles (User and SuperUser). On startup I define to policy's (Basic, Super).
In the database the user has the correct Role, but when I do User.IsInRole("User") I get false.
Also after sign in the class attribute [Authorize] causes a redirect to Sign In.
A cookie is created, so it signs in ok.
Is there any other part I need to configure?
opt.Authorization(optn =>
{
optn.AddPolicy("Basic", p =>
{
p.RequireRole("User");
});
optn.AddPolicy("Super", p =>
{
p.RequireRole("User");
p.RequireRole("SuperUser");
});
});
[HttpPost]
public async Task<IActionResult> SignIn([FromForm] string email, [FromForm] string password)
{
var tmp = await this.SignInManager.PasswordSignInAsync(email, password, false, false);
string url = tmp.Succeeded ? Url.Action("Index", "Secure") : Url.Action("Index", "Assets", new { Error = 1 });
return RedirectPermanent(url);
}
Update I was calling app.UseAuthentication() in wrong order. When
running UseAuthentication before UseMVC it works
c# asp.net-core asp.net-core-identity
asked Dec 28 '18 at 3:08
TheRuler
431219
|
show 2 more comments
it's my first time implementing identity and are having issues with Roles.
I've created two roles (User and SuperUser). On startup I define to policy's (Basic, Super).
In the database the user has the correct Role, but when I do User.IsInRole("User") I get false.
Also after sign in the class attribute [Authorize] causes a redirect to Sign In.
A cookie is created, so it signs in ok.
Is there any other part I need to configure?
opt.Authorization(optn =>
{
optn.AddPolicy("Basic", p =>
{
p.RequireRole("User");
});
optn.AddPolicy("Super", p =>
{
p.RequireRole("User");
p.RequireRole("SuperUser");
});
});
[HttpPost]
public async Task<IActionResult> SignIn([FromForm] string email, [FromForm] string password)
{
var tmp = await this.SignInManager.PasswordSignInAsync(email, password, false, false);
string url = tmp.Succeeded ? Url.Action("Index", "Secure") : Url.Action("Index", "Assets", new { Error = 1 });
return RedirectPermanent(url);
}
Update I was calling app.UseAuthentication() in wrong order. When
running UseAuthentication before UseMVC it works
c# asp.net-core asp.net-core-identity
asked Dec 28 '18 at 3:08
TheRuler
431219
1
if you're redirected to signin, it sounds like the sign in isn't working. it's possible you don't have a password in the database or your code requires email confirmation etc. debug that part and verify it's not throwing an exception. as for the policy, i don't know 100% if you have it correct, but it seems odd that "User" is an allowed role for "Super."
– megabc123
Dec 28 '18 at 4:42
first the sign in is correct and returns succeded, the cookie gets set, but if I try to browse to a controller with [Authorize] it redirects to Sign In.
– TheRuler
Dec 28 '18 at 4:57
What's the version of your ASP.NET Core ? if you're using the ASP.NET Core 2.1, please note there's a known issue that the Role feature is not enabled by default.
– itminus
Dec 28 '18 at 5:58
@itminus the version is 2,2, hmm okei. but how do I enable the Role feature?
– TheRuler
Dec 28 '18 at 6:34
@TheRuler As far as I know, the Role is enabled by default in 2.2
– itminus
Dec 28 '18 at 6:55
|
show 2 more comments
it's my first time implementing identity and are having issues with Roles.
I've created two roles (User and SuperUser). On startup I define to policy's (Basic, Super).
In the database the user has the correct Role, but when I do User.IsInRole("User") I get false.
Also after sign in the class attribute [Authorize] causes a redirect to Sign In.
A cookie is created, so it signs in ok.
Is there any other part I need to configure?
opt.Authorization(optn =>
{
optn.AddPolicy("Basic", p =>
{
p.RequireRole("User");
});
optn.AddPolicy("Super", p =>
{
p.RequireRole("User");
p.RequireRole("SuperUser");
});
});
[HttpPost]
public async Task<IActionResult> SignIn([FromForm] string email, [FromForm] string password)
{
var tmp = await this.SignInManager.PasswordSignInAsync(email, password, false, false);
string url = tmp.Succeeded ? Url.Action("Index", "Secure") : Url.Action("Index", "Assets", new { Error = 1 });
return RedirectPermanent(url);
}
Update I was calling app.UseAuthentication() in wrong order. When
running UseAuthentication before UseMVC it works
c# asp.net-core asp.net-core-identity
asked Dec 28 '18 at 3:08
TheRuler
431219
it's my first time implementing identity and are having issues with Roles.
I've created two roles (User and SuperUser). On startup I define to policy's (Basic, Super).
In the database the user has the correct Role, but when I do User.IsInRole("User") I get false.
Also after sign in the class attribute [Authorize] causes a redirect to Sign In.
A cookie is created, so it signs in ok.
Is there any other part I need to configure?
opt.Authorization(optn =>
{
optn.AddPolicy("Basic", p =>
{
p.RequireRole("User");
});
optn.AddPolicy("Super", p =>
{
p.RequireRole("User");
p.RequireRole("SuperUser");
});
});
[HttpPost]
public async Task<IActionResult> SignIn([FromForm] string email, [FromForm] string password)
{
var tmp = await this.SignInManager.PasswordSignInAsync(email, password, false, false);
string url = tmp.Succeeded ? Url.Action("Index", "Secure") : Url.Action("Index", "Assets", new { Error = 1 });
return RedirectPermanent(url);
}
Update I was calling app.UseAuthentication() in wrong order. When
running UseAuthentication before UseMVC it works
c# asp.net-core asp.net-core-identity
c# asp.net-core asp.net-core-identity
asked Dec 28 '18 at 3:08
TheRuler
431219
asked Dec 28 '18 at 3:08
TheRuler
431219
edited Dec 28 '18 at 9:14
asked Dec 28 '18 at 3:08
TheRuler
431219
asked Dec 28 '18 at 3:08
TheRuler
431219
asked Dec 28 '18 at 3:08
TheRuler
431219
431219
1
if you're redirected to signin, it sounds like the sign in isn't working. it's possible you don't have a password in the database or your code requires email confirmation etc. debug that part and verify it's not throwing an exception. as for the policy, i don't know 100% if you have it correct, but it seems odd that "User" is an allowed role for "Super."
– megabc123
Dec 28 '18 at 4:42
first the sign in is correct and returns succeded, the cookie gets set, but if I try to browse to a controller with [Authorize] it redirects to Sign In.
– TheRuler
Dec 28 '18 at 4:57
What's the version of your ASP.NET Core ? if you're using the ASP.NET Core 2.1, please note there's a known issue that the Role feature is not enabled by default.
– itminus
Dec 28 '18 at 5:58
@itminus the version is 2,2, hmm okei. but how do I enable the Role feature?
– TheRuler
Dec 28 '18 at 6:34
@TheRuler As far as I know, the Role is enabled by default in 2.2
– itminus
Dec 28 '18 at 6:55
|
show 2 more comments
1
if you're redirected to signin, it sounds like the sign in isn't working. it's possible you don't have a password in the database or your code requires email confirmation etc. debug that part and verify it's not throwing an exception. as for the policy, i don't know 100% if you have it correct, but it seems odd that "User" is an allowed role for "Super."
– megabc123
Dec 28 '18 at 4:42
first the sign in is correct and returns succeded, the cookie gets set, but if I try to browse to a controller with [Authorize] it redirects to Sign In.
– TheRuler
Dec 28 '18 at 4:57
What's the version of your ASP.NET Core ? if you're using the ASP.NET Core 2.1, please note there's a known issue that the Role feature is not enabled by default.
– itminus
Dec 28 '18 at 5:58
@itminus the version is 2,2, hmm okei. but how do I enable the Role feature?
– TheRuler
Dec 28 '18 at 6:34
@TheRuler As far as I know, the Role is enabled by default in 2.2
– itminus
Dec 28 '18 at 6:55
1
1
if you're redirected to signin, it sounds like the sign in isn't working. it's possible you don't have a password in the database or your code requires email confirmation etc. debug that part and verify it's not throwing an exception. as for the policy, i don't know 100% if you have it correct, but it seems odd that "User" is an allowed role for "Super."
– megabc123
Dec 28 '18 at 4:42
if you're redirected to signin, it sounds like the sign in isn't working. it's possible you don't have a password in the database or your code requires email confirmation etc. debug that part and verify it's not throwing an exception. as for the policy, i don't know 100% if you have it correct, but it seems odd that "User" is an allowed role for "Super."
– megabc123
Dec 28 '18 at 4:42
first the sign in is correct and returns succeded, the cookie gets set, but if I try to browse to a controller with [Authorize] it redirects to Sign In.
– TheRuler
Dec 28 '18 at 4:57
first the sign in is correct and returns succeded, the cookie gets set, but if I try to browse to a controller with [Authorize] it redirects to Sign In.
– TheRuler
Dec 28 '18 at 4:57
What's the version of your ASP.NET Core ? if you're using the ASP.NET Core 2.1, please note there's a known issue that the Role feature is not enabled by default.
– itminus
Dec 28 '18 at 5:58
What's the version of your ASP.NET Core ? if you're using the ASP.NET Core 2.1, please note there's a known issue that the Role feature is not enabled by default.
– itminus
Dec 28 '18 at 5:58
@itminus the version is 2,2, hmm okei. but how do I enable the Role feature?
– TheRuler
Dec 28 '18 at 6:34
@itminus the version is 2,2, hmm okei. but how do I enable the Role feature?
– TheRuler
Dec 28 '18 at 6:34
@TheRuler As far as I know, the Role is enabled by default in 2.2
– itminus
Dec 28 '18 at 6:55
@TheRuler As far as I know, the Role is enabled by default in 2.2
– itminus
Dec 28 '18 at 6:55
|
show 2 more comments
0
active
oldest
votes
Your Answer
StackExchange.ifUsing("editor", function () {
StackExchange.using("externalEditor", function () {
StackExchange.using("snippets", function () {
StackExchange.snippets.init();
});
});
}, "code-snippets");
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "1"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53953254%2fissues-with-identity-and-authorize-using-roles-and-policy%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
0
active
oldest
votes
0
active
oldest
votes
active
oldest
votes
active
oldest
votes
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Some of your past answers have not been well-received, and you're in danger of being blocked from answering.
Please pay close attention to the following guidance:
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53953254%2fissues-with-identity-and-authorize-using-roles-and-policy%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
vR4kSRAr yXxEA0Fp
1
if you're redirected to signin, it sounds like the sign in isn't working. it's possible you don't have a password in the database or your code requires email confirmation etc. debug that part and verify it's not throwing an exception. as for the policy, i don't know 100% if you have it correct, but it seems odd that "User" is an allowed role for "Super."
– megabc123
Dec 28 '18 at 4:42
first the sign in is correct and returns succeded, the cookie gets set, but if I try to browse to a controller with [Authorize] it redirects to Sign In.
– TheRuler
Dec 28 '18 at 4:57
What's the version of your ASP.NET Core ? if you're using the ASP.NET Core 2.1, please note there's a known issue that the Role feature is not enabled by default.
– itminus
Dec 28 '18 at 5:58
@itminus the version is 2,2, hmm okei. but how do I enable the Role feature?
– TheRuler
Dec 28 '18 at 6:34
@TheRuler As far as I know, the Role is enabled by default in 2.2
– itminus
Dec 28 '18 at 6:55