3

I am trying to build a sample web application using the Thinktecture sample ResourceAuthorization from github.

Now I have an action in the controller decorated with authorize attribute:

[ResourceAuthorize("Edit", "Resource")]
    public ActionResult Edit()
    {
        return View();
    }

I implemented my own AuthorizationManager:

 public class AuthorizationManager : ResourceAuthorizationManager
{
    public override Task<bool> CheckAccessAsync(ResourceAuthorizationContext context)
    {
        var resource = context.Resource.First().Value;

        if (resource == "Resources")
        {
            return CheckResourcesAccessAsync(context);
        }
        else
        {
            return Nok();
        }
    }

When I try to run my application now I keep getting the error:

No AuthorizationManager set.

I thought maybe I have to register the manager in the web.config like this:

 <system.identityModel>
<identityConfiguration>
    <claimsAuthenticationManager type="Namespace.xy.AuthorizationManager, Namespace.xy" />
</identityConfiguration>
</system.identityModel>

It doesn't work. What am I doing wrong?

greenhoorn
  • 1,601
  • 2
  • 15
  • 39

1 Answers1

5

The solution was to register the authorizationmanager in the startup:

 app.UseResourceAuthorization(new MyAuthorizationManager());
greenhoorn
  • 1,601
  • 2
  • 15
  • 39
  • 5
    Also, it must be registered BEFORE registering the Web Api with app.UseWebApi(config). Otherwise you'll get the same error, as stated here: https://github.com/IdentityModel/Thinktecture.IdentityModel/issues/122#issuecomment-103945807 – Mahmoud Ali Aug 06 '15 at 14:36
  • This comment of Mahmoud Ali is very important and solved the problem for me. – Edu Jan 10 '18 at 15:58