Home > Enterprise >  Asp.net disable authentication
Asp.net disable authentication

Time:09-05

We have an app which was used for the login and as a reverse proxy, rewriting requests. Now, this app can be configured to only be used as a reverse proxy and let everything go through (authentication is done using oauth2 in an API behind this one).

Startup.cs :

public void Configuration(IAppBuilder app)
{
    if (ConfigHelper.AuthMode == "IISSession")
    {
        app.UseCookieAuthentication(new CookieAuthenticationOptions
        {
            AuthenticationType = AuthenticationType,
            LoginPath = new PathString("/auth/login"),
            //LogoutPath = new PathString("/auth/logout"),
            Provider = new CookieAuthenticationProvider { OnApplyRedirect = ApplyRedirect },
            ReturnUrlParameter = "returnUrl",
        });
    }
}

If I do this, the app does not let any request go through and returns an HTTP 401 Unauthorized. If I remove the if and leave the 'app.UseCookieAuthentication', the app starts and redirects to the login page.

Is it possible to do something to let every request go through?

CodePudding user response:

We had to host the front end in his own site in IIS to make it work.

  • Related