1

Scenario:

  • A user logs in to Windows Authentication ASP.NET website
  • The ASP.NET website needs to call a ServiceStack API impersonated by the Windows Authenticated user.

Because Windows Authentication does not support passing thru the authentication, due the double-hop problem, we need to use an alternative solution to impersonate that user.

The ASP.NET website and the ServiceStack API website shares the same BearerTokenKey (to generate bearertokens).

We tried this by using the CreateJwtBearerToken() function of the JwtAuthProvider.cs, but then we get an exception that the AppHost is not initialized.

ConfigurationErrorsException

We don't want to startup or initialize ServiceStack on the ASP.NET website, but we only want to generate JWT bearer token keys on the client with the same shares BearerTokenKey between the ASP.NET website and the ServiceStack API.

Is there a way to generate the JWT bearer token key on the ASP.NET website without initializing any ServiceStack app host and which will be accepted by the ServiceStack API (indirect thru the JwtSecurityTokenHandler.cs)?

Robin Bouwmeester
  • 63
  • 4

1 Answers1

2

Many of ServiceStack APIs require an AppHost, as you don't want to initialize a full AppHost, you can use an initialize a stub BasicAppHost instead, as done in integration tests:

using var appHost = new BasicAppHost().Init();
mythz
  • 141,670
  • 29
  • 246
  • 390
  • 1
    Thanks, we have solved it with the BasicAppHost you mentioned in combination with the singleton ServiceStack.ServiceStackHost.Instance to see if there is already a host loaded. – Robin Bouwmeester Jul 26 '22 at 12:14