How can I add [Authorize] to all front-end pages [via controller maybe]
Odd question, but I'm trying to secure an Umbraco 8.1.4 intranet by using Okta to auto-login staff with their Windows credentials (using essentially these steps).
I've modified a MyOwinStartup.cs to include the Okta code, plus added the line "GlobalFilters.Filters.Add(new AuthorizeAttribute())", which forces all controllers to require authorization. This approach works fine for the front end, but BackOffice users find that after login they can't do anything else (404 errors etc).
Short of implementing the full UmbracoIdentity approach (trying to avoid the whole Members approach, don't really need that level of login control), is there a way to maybe include a surface controller on every page to which we could prepend the [Authorize] keyword? I'd then remove the GlobalFilters code from MyOwinStartup.
Or if there's a better (but still sorta easy) approach, would love to hear what others recommend.
I'm not sure if this is what you need for what you are trying to achieve but you can replace the default RenderMvcController that Umbraco uses with your own implementation... Eg create a new controller; inherit RenderMvcController and set it as the default during composing...
Still feel like I'm so close yet so far. Okta works for auto-logging in people to front-end pages (not as Members, strictly as Windows-authenticated users), but the BackOffice throws a bunch of errors after login:
Per Marc's suggestion, I replaced the default RenderMvcController to include the [Authorize] parameter, see code below from my App_Start/SetDefaultMvcControllerComposer.cs. This does seem to correctly trigger Okta to log users in when they first hit any front-end page.
Web.config has these lines which pertain to Okta login:
And lastly, App_Start/MyOwinStartup.cs which has both recently-added Okta code, and some earlier code for logging in Backoffice users:
If it's actually better/easier to incorporate Okta login into the UmbracoIdentity code example, we're happy to go that route also, it just seemed like more than we needed since we're not really using the Members section of Umbraco in this intranet, and only are needing Windows Authentication (and can't just set the overall app in IIS to use Windows Authentication because of some mobile and other out-of-office users).
How can I add [Authorize] to all front-end pages [via controller maybe]
Odd question, but I'm trying to secure an Umbraco 8.1.4 intranet by using Okta to auto-login staff with their Windows credentials (using essentially these steps).
I've modified a MyOwinStartup.cs to include the Okta code, plus added the line "GlobalFilters.Filters.Add(new AuthorizeAttribute())", which forces all controllers to require authorization. This approach works fine for the front end, but BackOffice users find that after login they can't do anything else (404 errors etc).
Short of implementing the full UmbracoIdentity approach (trying to avoid the whole Members approach, don't really need that level of login control), is there a way to maybe include a surface controller on every page to which we could prepend the [Authorize] keyword? I'd then remove the GlobalFilters code from MyOwinStartup.
Or if there's a better (but still sorta easy) approach, would love to hear what others recommend.
Hi Eric
I'm not sure if this is what you need for what you are trying to achieve but you can replace the default RenderMvcController that Umbraco uses with your own implementation... Eg create a new controller; inherit RenderMvcController and set it as the default during composing...
See here for how:
https://our.umbraco.com/Documentation/Implementation/Default-Routing/Controller-Selection/
Still feel like I'm so close yet so far. Okta works for auto-logging in people to front-end pages (not as Members, strictly as Windows-authenticated users), but the BackOffice throws a bunch of errors after login:
Per Marc's suggestion, I replaced the default RenderMvcController to include the [Authorize] parameter, see code below from my App_Start/SetDefaultMvcControllerComposer.cs. This does seem to correctly trigger Okta to log users in when they first hit any front-end page.
Web.config has these lines which pertain to Okta login:
And lastly, App_Start/MyOwinStartup.cs which has both recently-added Okta code, and some earlier code for logging in Backoffice users:
If it's actually better/easier to incorporate Okta login into the UmbracoIdentity code example, we're happy to go that route also, it just seemed like more than we needed since we're not really using the Members section of Umbraco in this intranet, and only are needing Windows Authentication (and can't just set the overall app in IIS to use Windows Authentication because of some mobile and other out-of-office users).
is working on a reply...
This forum is in read-only mode while we transition to the new forum.
You can continue this topic on the new forum by tapping the "Continue discussion" link below.