TechQA.

Unable to authenticate to EFCore implementation with Azure WsFederation

27 views Asked by At

Getting the Following Error:

Authorization failed. These requirements were not met:
DenyAnonymousAuthorizationRequirement: Requires an authenticated user. <s:Microsoft.AspNetCore.Authorization.DefaultAuthorizationService>

Federated Service:

 if (!iis && !httpSys)
            {
                // Information - DEBUG
                Serilog.Log.Information("Using Kestrel");

                // Environment uses Kestrel and WsFederation
                services.AddAuthentication(WsFederationDefaults.AuthenticationScheme)
                    .AddWsFederation(WsFederationDefaults.AuthenticationScheme, options => 
                    { 
                        options.Wtrealm = config.GetValue<string>("Authentication:Microsoft:WsFederation:Wtrealm");
                        options.MetadataAddress = config.GetValue<string>("Authentication:Microsoft:WsFederation:MetadataAddress");
                        options.RequireHttpsMetadata = true;
                        options.Events = new WsFederationEvents
                        {
                            OnRedirectToIdentityProvider = context =>
                            {
                                context.ProtocolMessage.Whr = "Authentication:Microsoft:WsFederation:Whr";
                                return Task.CompletedTask;
                            }
                        };
                        options.Wreply = config.GetValue<string>("Authentication:Microsoft:WsFederation:Wreply");
                    }
                );
                
                // Configure authorization policies
                services.AddAuthorization(options =>
                {
                    options.AddPolicy("WsfPolicy", builder =>
                        {
                            builder.RequireAuthenticatedUser();
                            builder.AuthenticationSchemes = new[] { WsFederationDefaults.AuthenticationScheme };
                        }
                    );
                });
            }

Controller:

[Authorize(Policy = "WsfPolicy")]
        [HttpGet]
        [Route("lkMeasures")]
        [Produces("application/json")]
        [ProducesResponseType(StatusCodes.Status200OK, Type = typeof(ICollection<LkMeasure>))]
        [ProducesErrorResponseType(typeof(void))]
        public async Task<IActionResult> AllItems()
        {
            var allItems = await _lookupsService.AllMeasures();
            return Ok(allItems);
        }

Note: I have been working on this issue for a few days, and I can't seem to find a solution; help will be greatly appreciated.

authentication http entity-framework-core azure-web-app-service ws-federation
Original Q&A
1

There are 1 answers

0
Sergio Rodriguez On

I needed to define a default policy. Once it was defined. The account was able to access the resources.

               // Configure authorization policies
                services.AddAuthorization(options =>
                {
                    options.AddPolicy("defaultPolicy", builder =>
                        {
                            builder.RequireAuthenticatedUser();
                            builder.AuthenticationSchemes = new[] { WsFederationDefaults.AuthenticationScheme };
                        }
                    );
                });

Related Questions in AUTHENTICATION

Related Questions in HTTP

Related Questions in ENTITY-FRAMEWORK-CORE

Related Questions in AZURE-WEB-APP-SERVICE

Related Questions in WS-FEDERATION

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json

Trending Questions