I have a problem with windows authentication and blazor web app .net8, everything works fine except for one detail:When I'm on a route with an authorization attribute, if I press F5 on this page, I get an http 403.
In order to reproduce my problem, I started from a blank blazor web app project. Here are the steps I followed:
- Add the Microsoft.AspNetCore.Authentication.Negotiate package
- Wrap the in a in Routes.razor
- Change the to an in Routes.razor
- Add to Program.cs
builder.Services.AddAuthentication(NegotiateDefaults.AuthenticationScheme).AddNegotiate(); builder.Services.AddAuthorization(options => options.FallbackPolicy = options.DefaultPolicy);
I then created a simple permission to reproduce the problem:
builder.Services.AddAuthorization(options =>{ options.AddPolicy("view", policy => policy.RequireClaim("Permission", "view"));});I created a CustomAuthenticationStateProvider to systematically add this authorization
and added the following attribute to the Counter example page:
@attribute [Authorize(Policy = "view")]When I navigate to this page via the menu, I access the page correctly and everything is fine.
If I press F5, I get an http 403 error. Could someone please explain what's wrong?
Thanks in advance