Csla Razor pages, Csla.ApplicationContext.User and write authorization rules

[tjscurr]

Hi All,

I'm a little stuck on how to implement a few things in my .Net Core 3.1 Razor Pages MVC application using Azure AD.

My application authenticates a user and I can see roles are loaded (thanks PTIdentity & PTPrincipal), but subsequent calls involving Csla.ApplicationContext.User shows 'CslaUnauthenticatedUser' as the value and my Business Object write authorization rules fail, I have a feeling these are related, and is a result of something I have not done, and do not know just yet!

I've not come across any examples of how to do Csla .Net Core authentication & authorization in Razor Pages.
Can anybody share examples of how to do this?

I would also be happy with just a list of how to do this.

Thank you

[Brannos1970]

I had a similar issue and resolved it by adding the following to the end of the Configure method in the Startup.cs file:

app.UseCsla(c =>
      {
        c.DataPortal().AuthenticationType("Windows");
      });

Take a look at discussion #1719 .

[tjscurr]

Hi @Brannos1970 ,

Thanks for your reply, I've tried out your suggestion, sadly it does not appear to work for MVC/Razor Pages,
the Write Authorization Rules are still failing...

There must be some other 'secret sauce' configuration for the middleware to make it all work.

[Brannos1970]

Have you looked at the Project Tracker sample? It has a blazor application that I think has what you are looking for.

https://github.com/MarimerLLC/csla/tree/master/Samples/ProjectTracker/ProjectTracker.Ui.Blazor.Server

[rockfordlhotka]

It is important to remember that web servers are stateless - so they don't remember anything from one postback to the next. That includes the user's identity.

ASP.NET Core has mechanisms (often using an auth cookie) to maintain some info about the user over time. You need to enable the aspnetcore middleware to take that info and restore the user identity on each postback. This really has nothing to do with CSLA at all, as what is used is standard aspnetcore authentication functionality.

[rockfordlhotka]

Another thing to keep in mind, is that modern aspnetcore only works with ClaimsPrincipal and ClaimsIdentity types. You mentioned the use of PTIdentity, etc. and that model no longer works in .NET Core (at least not in the web server). As a result, CSLA now supports the claims types (in particular the MobileFormatter), and the samples are slowly being updated to only use the claims types.