Thomas Andreè Lian Thomas Andreè Lian - 3 months ago 88
ASP.NET (C#) Question

ASP.NET Core change AccessDenied route

I'm having some trouble with routing AccessDenied, probably Login/Logout path as well. The project is a stripped default one with no more magic. Soo there exist a

Account
controller with an
AccessDenied()
method.

What I'm trying now is (this is the solution offered by the goods of the internet)

services.Configure<CookieAuthenticationOptions>(options =>
{
options.LoginPath = new PathString("/");
options.AccessDeniedPath = new PathString("/InactiveSponsor");
options.LogoutPath = new PathString("/");
});


But that does absolutely no difference. So any ideas? Any idea on why don't it work and how to make it work.

Here is my Startup.cs

public Startup(IHostingEnvironment env)
{
var builder = new ConfigurationBuilder()
.SetBasePath(env.ContentRootPath)
.AddJsonFile("appsettings.json", optional: true, reloadOnChange: true)
.AddJsonFile($"appsettings.{env.EnvironmentName}.json", optional: true)
.AddEnvironmentVariables();

if (env.IsDevelopment())
{
// This will push telemetry data through Application Insights pipeline faster, allowing you to view results immediately.
builder.AddApplicationInsightsSettings(developerMode: true);
}
Configuration = builder.Build();
}

public IConfigurationRoot Configuration { get; }

// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
// Add framework services.
services.AddApplicationInsightsTelemetry(Configuration);

string connection = "DefaultConnection";
//services.AddDbContext<SponsorContext>(options => options.UseSqlServer(connection));
services.AddDbContext<SponsorContext>(options => options.UseSqlServer(Configuration[$"Data:{connection}"]));

services.AddIdentity<ApplicationUser, ApplicationRole>()
.AddEntityFrameworkStores<SponsorContext>()
.AddDefaultTokenProviders();


services.AddMvc();


services.AddAuthorization(options =>
{
options.AddPolicy(Policies.RequireAdmin, policy => policy.RequireRole(Roles.Administrator));
options.AddPolicy(Policies.IsSponsor, policy => policy.RequireRole(Roles.Sponsor));
options.AddPolicy(Policies.IsSponsorOrAdmin, policy => policy.RequireRole(Roles.Administrator, Roles.Sponsor));
});

/*
* AddTransient Different on each instance/use
* AddScoped Different instance on a per request basis
* AddSingleton Always the same instance
*/
//DI
services.AddScoped<ManageUserRepository>();
services.AddScoped<ISponsorManagement, SponsorRepository>();
services.AddScoped<ISponsorRead, SponsorRepository>();
}

// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
{
loggerFactory.AddConsole(Configuration.GetSection("Logging"));
loggerFactory.AddDebug();

app.UseApplicationInsightsRequestTelemetry();

if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
app.UseBrowserLink();
}
else
{
app.UseExceptionHandler("/Home/Error");
}

app.UseApplicationInsightsExceptionTelemetry();

app.UseStaticFiles();
app.UseIdentity();


app.UseMvc(routes =>
{
routes.MapRoute(
name: "default",
template: "{controller=Home}/{action=Index}/{id?}");
});
}

Answer

Try

 services.AddIdentity<ApplicationUser, IdentityRole>(op=>op.Cookies.ApplicationCookie.AccessDeniedPath = new PathString("/InactiveSponsor"))
         .AddEntityFrameworkStores<SponsorContext>()
         .AddDefaultTokenProviders();

Or

        services.Configure<IdentityOptions>(opt =>
        {
            opt.Cookies.ApplicationCookie.LoginPath = new PathString("/aa");
            opt.Cookies.ApplicationCookie.AccessDeniedPath = new PathString("/InactiveSponsor");
            opt.Cookies.ApplicationCookie.LogoutPath = new PathString("/");
        });