Hello everyone, I have an application in ASP.NET MVC where we started using individual user accounts, however as the application has evolved this mode ended up getting plastered for the application, I wonder if I can change change individual user accounts
to no authentication in mvc, because that way we can make our permissions correct, but we do not want to start the application from scratch.
Thanks in advance for the help I'm getting in the forum
No authentication means
[AllowAnonymous] and the user does not have to login to access the Controller/Action. Otherwise, use [Authorize] if you want to make sure the user logged.
As the upstairs said,you could add [AllowAnonymous] on action or controller.
(Note:Anonymous properties are enabled if the site has form authentication enabled).
[AllowAnonymous]
public ActionResult Index()
{
return View();
}
However, if you find that the property is declared, you cannot access the Action,but instead jump to the login page of the authentication.
At this time, you can follow the steps below to solve the problem:
1.First check if the application file Global.asax of the website has been authenticated and jumped. Pay attention to the special processing done in each event.
2.If Global.asax doesn't do anything, then check if the controller's constructor has been authenticated and jumped, and whether
the class inherited by the controller has been processed.
3.The last is to check the Web.config website configuration file. Someone may add <authorization> element and set deny users="?" (reject all anonymous user access).
Since the priority of <authorization> is greater than the
AllowAnonymous attribute, the program first determines that deny user="?" after rejecting the anonymous user,
it will skip all the authentication attributes in the Action method, causing the website to automatically jump to the login page of the authentication.
In addition,if form authentication is already used in ASP.NET MVC,
it is best not to set the authorization element in the configuration file.
The authentication control should use the Authorize property and the
AllowAnonymous property.
Best Regards.
Yuki Tao
MSDN Community Support
Please remember to click "Mark as Answer" the responses that resolved your issue.
If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.
hello mgebhard, sorry if I did not express myself well, my problem is as follows, when we started our application in the option individual user accounts, because it was in the initial and there would be few roles to deal with, but when it evolves we need
to create more roles in the project itself and insert in them the pages they could access, however we noticed that using the identy we got stuck in the project and custom authentication did not meet us 100%, so I was wondering if it is possible to revert this
option of individual user accounts to none. Authentication and do everything manually our rules, we have a User table different from the UserAsp table, but every time trying to access the login view we created it redirects to the default login of identy
we have a User table different from the UserAsp table, but every time trying to access the login view we created it redirects to the default login of identy
Remove or comment the Identity configuration and start using your custom security. There are several Individual Identity templates depending on what .NET version is targeted and the version of Visual Studio you are using. If I assume OWIN, the configuration
is in the App_Start/IdentityConfig.cs.
ecocash
but every time trying to access the login view we created it redirects to the default login of identy
Cookie authentication causes the redirect not ASP.NET Identity. Cookie authentication configuration is found in App_Start/Startup.Auth.cs. I assume you'll want to reuse the cookie authentication to store user information between requests. If not and you
are using another framework feature like Session, then remove Cookie authentication as well.
Member
19 Points
89 Posts
How change individual user accounts to no authentication in mvc?
Aug 05, 2019 07:08 PM|ecocash|LINK
Hello everyone, I have an application in ASP.NET MVC where we started using individual user accounts, however as the application has evolved this mode ended up getting plastered for the application, I wonder if I can change change individual user accounts to no authentication in mvc, because that way we can make our permissions correct, but we do not want to start the application from scratch.
Thanks in advance for the help I'm getting in the forum
All-Star
53041 Points
23612 Posts
Re: How change individual user accounts to no authentication in mvc?
Aug 05, 2019 07:19 PM|mgebhard|LINK
Your question does not make sense.
No authentication means [AllowAnonymous] and the user does not have to login to access the Controller/Action. Otherwise, use [Authorize] if you want to make sure the user logged.
All-Star
58194 Points
15655 Posts
Re: How change individual user accounts to no authentication in mvc?
Aug 05, 2019 07:20 PM|bruce (sqlwork.com)|LINK
just set [AllowAnonymous] on the controllers you don't want to require authentication.
Contributor
3710 Points
1431 Posts
Re: How change individual user accounts to no authentication in mvc?
Aug 06, 2019 03:09 AM|Yuki Tao|LINK
Hi ecocash,
As the upstairs said,you could add [AllowAnonymous] on action or controller.
(Note:Anonymous properties are enabled if the site has form authentication enabled).
However, if you find that the property is declared, you cannot access the Action,but instead jump to the login page of the authentication.
At this time, you can follow the steps below to solve the problem:
1.First check if the application file Global.asax of the website has been authenticated and jumped. Pay attention to the special processing done in each event.
2.If Global.asax doesn't do anything, then check if the controller's constructor has been authenticated and jumped, and whether the class inherited by the controller has been processed.
3.The last is to check the Web.config website configuration file. Someone may add <authorization> element and set deny users="?" (reject all anonymous user access).
Since the priority of <authorization> is greater than the AllowAnonymous attribute, the program first determines that deny user="?" after rejecting the anonymous user,
it will skip all the authentication attributes in the Action method, causing the website to automatically jump to the login page of the authentication.
In addition,if form authentication is already used in ASP.NET MVC,
it is best not to set the authorization element in the configuration file.
The authentication control should use the Authorize property and the AllowAnonymous property.
Best Regards.
Yuki Tao
Please remember to click "Mark as Answer" the responses that resolved your issue.
If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.
Member
19 Points
89 Posts
Re: How change individual user accounts to no authentication in mvc?
Aug 06, 2019 11:39 AM|ecocash|LINK
hello mgebhard, sorry if I did not express myself well, my problem is as follows, when we started our application in the option individual user accounts, because it was in the initial and there would be few roles to deal with, but when it evolves we need to create more roles in the project itself and insert in them the pages they could access, however we noticed that using the identy we got stuck in the project and custom authentication did not meet us 100%, so I was wondering if it is possible to revert this option of individual user accounts to none. Authentication and do everything manually our rules, we have a User table different from the UserAsp table, but every time trying to access the login view we created it redirects to the default login of identy
All-Star
53041 Points
23612 Posts
Re: How change individual user accounts to no authentication in mvc?
Aug 06, 2019 01:37 PM|mgebhard|LINK
Remove or comment the Identity configuration and start using your custom security. There are several Individual Identity templates depending on what .NET version is targeted and the version of Visual Studio you are using. If I assume OWIN, the configuration is in the App_Start/IdentityConfig.cs.
Cookie authentication causes the redirect not ASP.NET Identity. Cookie authentication configuration is found in App_Start/Startup.Auth.cs. I assume you'll want to reuse the cookie authentication to store user information between requests. If not and you are using another framework feature like Session, then remove Cookie authentication as well.