Last post Dec 05, 2017 06:59 AM by Edward Z
Dec 04, 2017 02:43 PM|jherres|LINK
I have an ASP.NET Core 2.0 Razor Pages application that is hooked up to AAD v2.0 auth.
I'm adding the following policy:
options.AddPolicy("DelegatedAdmin", policy => policy.RequireClaim("DelegatedAdmin"));
I am using the following Attribute on pages .cs
[Authorize(Policy = "DelegatedAdmin")]
Functionally, this works. However, the error that is thrown when the user does not have that claim, the application throws a 502 Bad Gateway error. I'm thinking the failure of the policy is causing a loop to have the user log in which gets killed and this
error bubbles up. Is there graceful way to handle this error? I've tried using app.UseStatusCodePages() but it doesn't seem to do anything.
TIA for any suggestions, -joe
Dec 04, 2017 03:43 PM|Radomir|LINK
are you going through IIS? or are you seeing 502 when hitting kestrel directly?
Dec 04, 2017 03:47 PM|jherres|LINK
VS 2017 is my dev env, so IIS express locally. The error is a 502.3 specifically.
Deploying to Azure app service for production, and I see a 502 coming back with a custom error page of "The specified CGI application encountered an error and the server terminated the process."
Dec 04, 2017 10:41 PM|Radomir|LINK
Check the logs.. process shouldn't be crashing for this..
Dec 05, 2017 06:59 AM|Edward Z|LINK
How did you use this code? I made a test with code below, and I could reproduce your issue.
option.AddPolicy("DelegatedAdmin", policy => policy.RequireClaim("DelegatedAdmin"));
If you are the same, I suggest you comment out above code, and then add policy by code below:
var policy = new AuthorizationPolicyBuilder()
Then, you could capture the unauthorized by code below. You could custom the error by yourself or just return the error string.
errorApp.Run(async context =>
var error = context.Features.Get<IExceptionHandlerFeature>();
if (error != null)
var ex = error.Error;
// custom logic