asp.net-coreaspnetboilerplateasp.net-core-identity
ABP 401 response from API instead of redirect
I have the same problem as this: https://forum.aspnetboilerplate.com/viewtopic.php?f=5&t=4865, but I have ABP v2.1 with module-zero-core-template.
I'm using Web.Mvc project as my startup project and I want to make API calls.
When I perform an unauthorized request to the API, I got a "200 OK" response instead of a "401". Where did I make a mistake?
Solution
ASP.NET Core 1.x
ABP v2.x / module-zero-core-template v2.x
Modify IdentityRegistrar in .Core project:
// Before
services.AddAbpIdentity<Tenant, User, Role>()
// After
services.AddAbpIdentity<Tenant, User, Role>(options =>
{
options.Cookies.ApplicationCookie.AutomaticChallenge = false;
})
Reference: https://github.com/aspnet/Security/issues/804
ASP.NET Core 2.0
ABP v3.x / module-zero-core-template v3.0.0 – v3.4.0
Modify AuthConfigurer in .Web.Mvc / .Web.Host project:
// Before
services.AddAuthentication()
// After
services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = "JwtBearer";
options.DefaultChallengeScheme = "JwtBearer";
})
Reference: 92b6270 in module-zero-core-template v3.5.0
- How can I use Dependency Injection in an ASP.NET Core ActionFilterAttribute?
- How to get Role Claims in asp.net core 6 web api?
- ASP.NET Core Web API - FluentValidationMvcExtensions.AddFluentValidation(IMvcBuilder, Action<FluentValidationMvcConfiguration>)' is obsolete
- Exchanging a google idToken for local openId token c#
- Write and read string from MemoryStream
- How to Implement Polymorphic Request Bodies in ASP.NET Core Web API with Swagger UI?
- How to set up Automapper in ASP.NET Core
- What means skipNegotiation in SignalR HubConnection?
- BasePageModel in Razor Pages
- How to auto increment the version (eg. “1.0.*”) of a .NET Core project?
- EF Core 8 does not merge entities
- How to use appsettings.json in Asp.net core 6 Program.cs file
- How to determine if asp.net core has been installed on a windows server
- .NET 8 Blazor Server - role authorization with Windows Authentication
- Should EFCore migrations be committed to version control?
- EF Core one-to-one relation returns one-to-many relation
- How to deal with Id property in DTO in ASP.NET Web API
- Get null in controller when implementing IEnumerable in ASP NET model
- .NET Core 3.1 GoogleSignIn -The authentication handler registered for scheme 'Bearer' is 'JwtBearerHandler' which cannot be used for SignInAsync
- How do I serve static files only to authorized users?
- .NET 7 and UseEndPoints()
- 'Unable to resolve service for type ¨Microsoft.entityFrameworkCore.DbContextOptions¨1[LibraryData.LibraryContext] while attempting to activate
- Require authenticated user in asp.net core but require custom policy in some actions require custom policy
- Stop request in CookieAuthenticationEvents.OnValidatePrincipal after response body has been written to
- IDX10603: The algorithm: 'HS256' requires the SecurityKey.KeySize to be greater than '128' bits. KeySize reported: '32'. Parameter name: key.KeySize
- Relation between Authorization middleware and filter Asp.net core
- .net 8 blazor navlink style not working for external url
- How to pass a serialized JSON payload to an ASP.NET Core Web API controller
- Filter Serilog logs to different sinks depending on context source?
- How can I securize my code-first gRPC endpoints using Azure Authentication?