November Happy Hour will be moved to Thursday December 5th.

AI OnAI Off

Add CmsAdmins claim in custom Owin middleware

mh
mh
Vote:
 

Hello!

I´m trying to get editor mode to work with a custom IODC provider solution we are using. I thought I´d try to add a CmsAdmins claim to the principal in an Owin middleware.

* I based solution mostly on information in this article: https://world.episerver.com/documentation/developer-guides/CMS/security/federated-security/

* I´ve made sure CmsAdmins role is given access to editor pages in web.config: 

<location path="EPiServer">
<system.web>
<authorization>
<allow roles="WebEditors, CmsAdmins" />
<deny users="*" />
</authorization>
</system.web>
</location>

<location path="EPiServer/CMS/admin">
<system.web>
<authorization>
<allow roles="WebEditors, CmsAdmins" />
<deny users="*" />
</authorization>
</system.web>
</location>

* I add CmsAdmins claim to principal in an Owin middleware like so:

Despite this I still get 401 unauthorized when I try to access /episerver. Is something wrong with the CmsAdmins claim on principal? 

Update: When I check PrincipalInfo.HasAdminAccess value is true.

#199883
Edited, Dec 17, 2018 11:56
mh
mh
Vote:
 

I added app.UseStageMarker(PipelineStage.Authenticate); after my custom owin step and now it seems to be working as intended.

#199885
Dec 17, 2018 12:27
This topic was created over six months ago and has been resolved. If you have a similar question, please create a new topic and refer to this one.
* You are NOT allowed to include any hyperlinks in the post because your account hasn't associated to your company. User profile should be updated.