Search⌘ K
AI Features
Home
Courses
Using Single Sign-On for Securing Applications in ASP.NET Core

Enforcing Authentication and Authorization on MVC Views

Understand how to enforce authentication and manage authorization on MVC views within ASP.NET Core applications. Explore configuring roles, allowing anonymous access, handling access denied scenarios, and implementing logout processes in a single sign-on environment.

We'll cover the following...

In this lesson, we will learn how to fine-tune the authorization requirements in an MVC application. We will do so with the help of the following playground:

{
  "Logging": {
    "LogLevel": {
      "Default": "Information",
      "Microsoft.AspNetCore": "Warning"
    }
  },
  "AllowedHosts": "*"
}
MVC app with the OpenID Connect flow

Note: Because we have to build two ASP.NET Core applications and populate the IdP database with the initial seed data, the build process is expected to take at least a few minutes. Also, because each playground launch rebuilds the IdP along with its database, the account previously registered will no longer work. We will need to register a new account.

In this playground, we have the following two applications:

  • DemoApp: It is our main MVC application.

  • OpenIddictAuthProvider: It is our IdP application.

Both applications have been fully configured to enable the OIDC authentication flow. We will just need to customize the authorization requirements inside ...