- ABP Framework version: v4.2
- UI type: MVC
- DB provider: EF Core / MongoDB
- Tiered (MVC) or Identity Server Separated (Angular): yes
- Exception message and stack trace:
- Steps to reproduce the issue:"
Based on our custom requirement we had to include the custom page and controller with in Web application(MVC) and those controller/page can't be placed in any of the micro services or in web gateway. We don't want to have anonymous access for those controller/page. So we would like to know what are the parameters (Cookies/Headers) need to be passed to the respective page to access those as a Authenticated user. Please advise.....
3 Answer(s)
-
0
Based on our custom requirement we had to include the custom page and controller with in Web application(MVC) and those controller/page can't be placed in any of the micro services or in web gateway.
Then, where are you hosting these pages?
We don't want to have anonymous access for those controller/page. So we would like to know what are the parameters (Cookies/Headers) need to be passed to the respective page to access those as a Authenticated user. Please advise.....
I can't say that I understand what you mean. Do you have a controller method returning a page with an [Authorize] attribute and you want to call this from an external service (like a .NET or Java application)?
There are authorization flows for these kinds of interactions. If you are making a request without a user (backend-to-backend) you need to configure a Client Credentials authentication. Or if it is related with user that needs to be logged in, you can use Authorization Code or Hybrid flow.
Eventually, behind the scenes, you request an access token and this is added to the authorization header as Bearer and the request is made.
-
0
Based on our custom requirement we had to include the custom page and controller with in Web application(MVC) and those controller/page can't be placed in any of the micro services or in web gateway.
Then, where are you hosting these pages?
This will be part of our Web Layer (UI) layer and will be hosted along with that
We don't want to have anonymous access for those controller/page. So we would like to know what are the parameters (Cookies/Headers) need to be passed to the respective page to access those as a Authenticated user. Please advise.....
I can't say that I understand what you mean.
Do you have a controller method returning a page with an [Authorize] attribute and you want to call this from an external service (like a .NET or Java application)?There are authorization flows for these kinds of interactions. If you are making a request without a user (backend-to-backend) you need to configure a Client Credentials authentication. Or if it is related with user that needs to be logged in, you can use Authorization Code or Hybrid flow.
Eventually, behind the scenes, you request an access token and this is added to the authorization header as Bearer and the request is made.
Yes this stands valid if we would like to make a call to services , but in this case we want to call a page with in our UI layer by authenticating the request
-
0
I am sorry, I still can't understand completly. Are you building a module with UI and is this about authorizing your modular UI?
but in this case we want to call a page with in our UI layer by authenticating the request
Can you give some code samples about what you are trying to achieve?