OiO.lk Community platform!

Oio.lk is an excellent forum for developers, providing a wide range of resources, discussions, and support for those in the developer community. Join oio.lk today to connect with like-minded professionals, share insights, and stay updated on the latest trends and technologies in the development field.
  You need to log in or register to access the solved answers to this problem.
  • You have reached the maximum number of guest views allowed
  • Please register below to remove this limitation

In asp.net core Blazer server side with Windows authentication, how do I use an Active Directory user group to secure a page?

  • Thread starter Thread starter Gabriel Worley
  • Start date Start date
G

Gabriel Worley

Guest
I created a default project using Blazer server side with Windows authentication. In the Program.cs I created a policy for the Domain Users group. This is the same policy that worked in an asp.net core MVC application, however the policy does not work in Blazer. The authentication is working and I can see my Active Directory username and all my claims for all the users groups I am in. I also tried using a policy based on policy using the SID of an AD group, but that did not work ether.

This is the same policy that worked in an asp.net core MVC

Code:
builder.Services.AddAuthentication(NegotiateDefaults.AuthenticationScheme)
   .AddNegotiate();

builder.Services.AddAuthorization(options =>
{
    options.AddPolicy("DomainUsers", policy => policy.RequireRole(@"xyz\Domain Users"));
});

I also tried using a policy based on policy using the SID of an AD group, but that did not work ether.

Code:
builder.Services.AddAuthentication(NegotiateDefaults.AuthenticationScheme)
   .AddNegotiate();

builder.Services.AddAuthorization(options =>
{
    options.AddPolicy("DomainUsers", policy => 
        policy.RequireClaim(ClaimTypes.GroupSid, 
        "S-1-5-21-448359723-410327232-725345543-721"));
});

Code:
@page "/counter"

<PageTitle>Counter</PageTitle>
<h1>Counter</h1>
<AuthorizeView Policy="DomainUsers">
<p role="status">Current count: @currentCount</p>
<button class="btn btn-primary" @onclick="IncrementCount">Click me</button>
</AuthorizeView>

@code {

    private int currentCount = 0;
    private void IncrementCount()
    {
        currentCount++;
    }
}
<p>I created a default project using Blazer server side with Windows authentication. In the Program.cs I created a policy for the Domain Users group. This is the same policy that worked in an asp.net core MVC application, however the policy does not work in Blazer. The authentication is working and I can see my Active Directory username and all my claims for all the users groups I am in. I also tried using a policy based on policy using the SID of an AD group, but that did not work ether.</p>
<p>This is the same policy that worked in an asp.net core MVC</p>
<pre><code>builder.Services.AddAuthentication(NegotiateDefaults.AuthenticationScheme)
.AddNegotiate();

builder.Services.AddAuthorization(options =>
{
options.AddPolicy("DomainUsers", policy => policy.RequireRole(@"xyz\Domain Users"));
});

</code></pre>
<p>I also tried using a policy based on policy using the SID of an AD group, but that did not work ether.</p>
<pre><code>
builder.Services.AddAuthentication(NegotiateDefaults.AuthenticationScheme)
.AddNegotiate();

builder.Services.AddAuthorization(options =>
{
options.AddPolicy("DomainUsers", policy =>
policy.RequireClaim(ClaimTypes.GroupSid,
"S-1-5-21-448359723-410327232-725345543-721"));
});

</code></pre>
<pre><code>@page "/counter"

<PageTitle>Counter</PageTitle>
<h1>Counter</h1>
<AuthorizeView Policy="DomainUsers">
<p role="status">Current count: @currentCount</p>
<button class="btn btn-primary" @onclick="IncrementCount">Click me</button>
</AuthorizeView>

@code {

private int currentCount = 0;
private void IncrementCount()
{
currentCount++;
}
}

</code></pre>
Continue reading...
 
Top