asp.net-authorization – Tarik Billa

ASP.NET core JWT authentication always throwing 401 unauthorized

November 25, 2023 by Tarik

Keep in mind that the UseAuthentication, UseRouting and UseAuthorization middleware must in correct in order for the ASP framework properly inject the identity context to http request. It should look like this: (.NET Core 3.1) Edit: the same code applies to .NET 5 & .NET 6 app.UseAuthentication(); app.UseRouting(); app.UseAuthorization(); app.UseEndpoints(endpoints => { endpoints.MapControllers(); });

How to specify root (/) location in web.config?

April 2, 2023 by Tarik

Try this one: <system.web> <urlMappings enabled=”true”> <add url=”~/” mappedUrl=”~/default.aspx” /> </urlMappings> <authorization> <allow roles=”admin”/> <deny users=”*” /> </authorization> </system.web> <location path=”Default.aspx”> <system.web> <authorization> <allow users=”*” /> </authorization> </system.web> </location>

MVC Core How to force / set global authorization for all actions?

March 23, 2023 by Tarik

services.AddMvc(config => { var policy = new AuthorizationPolicyBuilder() .RequireAuthenticatedUser() .Build(); config.Filters.Add(new AuthorizeFilter(policy)); });