Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Authorization not working in ASP.NET MVC 5

Disclaimer: this is my first time with ASP.NET MVC 5

I have no idea why it doesn't work. I can't get my MVC5 app to authorize users. I have done this in previous versions (2, 3 and 4) but I can't seem to make it work in OWIN.

I'm using local IIS with the needed features enabled:

IIS Features

EDIT:

I'm using SSL on IIS and RequireHttps at C#

This is the code:

protected void Application_Start()
{
    GlobalFilters.Filters.Add(new AuthorizeAttribute());
}

Startup.Auth.cs

app.UseCookieAuthentication(new CookieAuthenticationOptions
{
    AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
    LoginPath = new PathString("/admin/account/login")
});
app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
app.UseGoogleAuthentication();

Even though I'm using Global Authorize I tried to "force" it to see if this was the problem:

public class HomeController : Controller
{
    [Authorize]
    public ActionResult Index()
    {
        return View();
    }
}

No luck... I'm not sure it was necessary with OWIN, but I even tried enabling forms authentication:

<authentication mode="Forms" />

EDIT [2]

Well, I found out the problem... IIS! Finally! Now, would anyone know how to fix that? Do I need anything special to run OWIN on IIS? I can work now, but soon I'll have to deploy the app and will probably run into the same problem in the server...

I've already read these:

How do you login/authenticate a user with Asp.Net MVC5 RTM bits using AspNet.Identity?

Authorize attribute not working MVC 5

Any ideas?

like image 678
eestein Avatar asked Feb 02 '15 21:02

eestein


People also ask

How authorization works in ASP NET MVC?

The Authorize Attribute In ASP.NET MVC, any incoming request is bound to a controller/method pair and served. This means that once the request matches a supported route and is resolved to controller and method, it gets executed no matter what.

How do I Authorize in MVC?

Authorization in MVC is controlled through the AuthorizeAttribute attribute and its various parameters. At its simplest applying the AuthorizeAttribute attribute to a controller or action limits access to the controller or action to any authenticated user.

What is Authorize in .NET core?

In this article Authorization in ASP.NET Core is controlled with AuthorizeAttribute and its various parameters. In its most basic form, applying the [Authorize] attribute to a controller, action, or Razor Page, limits access to that component to authenticated users.


1 Answers

Since your app run with IIS, try add Microsoft.Owin.Host.SystemWeb nuget package to your application.

like image 101
zhimin Avatar answered Sep 28 '22 08:09

zhimin