- ABP Framework version: v3.2
- UI type: MVC
- Tiered (MVC) or Identity Server Seperated (Angular): no
Hello, I am currently creating a project for a public website. Thereby I call methods from the "AppServices". This methods come with the default Authroize attribues this is why the user gets a "access denied" For the generation of the entities I use the "abp suite", which then overwrites the services.
What is the best practise to allow anonymous users to display information? Should I rewrite/ overwrite the service methods like "GetWithNavigationPropertiesAsync" or is there a better idea? Is it possible to grant the anonymous user a default permission level?
3 Answer(s)
-
0
the only way is removing the
[Authorize]
attribute from Application Services. If you want to guard some specific Web API actions, you can also put the[Authorize]
attribute to your service methods . -
0
Hi Alper, Thank you for your reply.
I really like your abp suite for adding but also modifing existing entities. When modifing the entity the service will get overwritten. Do you have any practical hint how I can modify authorization without deleting the attribute?
Thank you
-
0
actually there's no practical way of this :(