Five New Optimizely Certifications are Here! Validate your expertise and advance your career with our latest certification exams. Click here to find out more

AI OnAI Off

Add CmsAdmins claim in custom Owin middleware

mh
mh
Vote:
 

Hello!

I´m trying to get editor mode to work with a custom IODC provider solution we are using. I thought I´d try to add a CmsAdmins claim to the principal in an Owin middleware.

* I based solution mostly on information in this article: https://world.episerver.com/documentation/developer-guides/CMS/security/federated-security/

* I´ve made sure CmsAdmins role is given access to editor pages in web.config: 

<location path="EPiServer">
<system.web>
<authorization>
<allow roles="WebEditors, CmsAdmins" />
<deny users="*" />
</authorization>
</system.web>
</location>

<location path="EPiServer/CMS/admin">
<system.web>
<authorization>
<allow roles="WebEditors, CmsAdmins" />
<deny users="*" />
</authorization>
</system.web>
</location>

* I add CmsAdmins claim to principal in an Owin middleware like so:

Despite this I still get 401 unauthorized when I try to access /episerver. Is something wrong with the CmsAdmins claim on principal? 

Update: When I check PrincipalInfo.HasAdminAccess value is true.

#199883
Edited, Dec 17, 2018 11:56
mh
mh
Vote:
 

I added app.UseStageMarker(PipelineStage.Authenticate); after my custom owin step and now it seems to be working as intended.

#199885
Dec 17, 2018 12:27
This topic was created over six months ago and has been resolved. If you have a similar question, please create a new topic and refer to this one.
* You are NOT allowed to include any hyperlinks in the post because your account hasn't associated to your company. User profile should be updated.