Disclaimer: this is my first time with ASP.NET MVC 5
I have no idea why it doesn't work. I can't get my MVC5 app to authorize users. I have done this in previous versions (2, 3 and 4) but I can't seem to make it work in OWIN.
I'm using local IIS with the needed features enabled:
EDIT:
I'm using SSL on IIS and RequireHttps at C#
This is the code:
protected void Application_Start()
{
GlobalFilters.Filters.Add(new AuthorizeAttribute());
}
Startup.Auth.cs
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/admin/account/login")
});
app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
app.UseGoogleAuthentication();
Even though I'm using Global Authorize I tried to "force" it to see if this was the problem:
public class HomeController : Controller
{
[Authorize]
public ActionResult Index()
{
return View();
}
}
No luck... I'm not sure it was necessary with OWIN, but I even tried enabling forms authentication:
<authentication mode="Forms" />
EDIT [2]
Well, I found out the problem... IIS! Finally! Now, would anyone know how to fix that? Do I need anything special to run OWIN on IIS? I can work now, but soon I'll have to deploy the app and will probably run into the same problem in the server...
I've already read these:
How do you login/authenticate a user with Asp.Net MVC5 RTM bits using AspNet.Identity?
Authorize attribute not working MVC 5
Any ideas?
The Authorize Attribute In ASP.NET MVC, any incoming request is bound to a controller/method pair and served. This means that once the request matches a supported route and is resolved to controller and method, it gets executed no matter what.
Authorization in MVC is controlled through the AuthorizeAttribute attribute and its various parameters. At its simplest applying the AuthorizeAttribute attribute to a controller or action limits access to the controller or action to any authenticated user.
In this article Authorization in ASP.NET Core is controlled with AuthorizeAttribute and its various parameters. In its most basic form, applying the [Authorize] attribute to a controller, action, or Razor Page, limits access to that component to authenticated users.
Since your app run with IIS, try add Microsoft.Owin.Host.SystemWeb
nuget package to your application.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With