Hello together,
an old winforms application should be re-designed / migrated as web application, here comes Blazor Server in. In the winforms application each user have to authenticate at startup against an oracle database, the application tries to connect with the individiual oracle user accounts to the database and with established connection, the user was "authenticated" the hole time, until the application was closed.
For the new Blazor Server application I need the same custom authentication process, the web application is used only within Intranet.
Pre-Work
========
The following describes my already created steps:
In the custom ServerAuthenticationStateProvider in LoginNotify() the authentication against oracle database is implemented, with a ClaimsPrincipal and some static roles, to test the authorization in pages/components -> some pages should not be visible for specific users etc.
At this point my problems comes in, after the login of my user with valid credentials, I can´t see any created Cookie, this means after a Browser Refresh (F5), I always get redirected to the login page again! I know in the sample application with Microsoft Identity example (IdentityDbContext), the services.AddIdentity() is the only difference, but it uses an complete in app database.
Startup.cs
public void ConfigureServices(IServiceCollection services)
{
services.AddRazorPages();
services.AddHttpContextAccessor();
services.AddServerSideBlazor();
services.AddDatabaseDeveloperPageExceptionFilter();
services.AddAuthorizationCore();
services.Configure<CookiePolicyOptions>(options =>
{
options.CheckConsentNeeded = context => true;
options.MinimumSameSitePolicy = SameSiteMode.None;
});
services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme).AddCookie();
}
In Configure() at the end:
app.UseAuthentication();
app.UseAuthorization();
Should I use the Microsoft Identity example (IdentityDbContext) with the in app DB? In general the users have already an oracle user acount and no Register page is necessary to create new users, thats another process. At other side, I neeed to store somewhere for each specific user his roles and map them to the ClaimsPrincipal. I would like to keep simple as possible, but I think I should mix some custom logic with the Identity example, can you help me and give some advice?
Here are more posts on this topic which I read and tried:
ASP.Net Core 5.0 Authentication and Authorization
https://stackoverflow.com/questions/65665953/asp-net-core-5-0-authentication-and-authorization
Custom Authentication in Blazor WebAssembly – Detailed
https://codewithmukesh.com/blog/authentication-in-blazor-webassembly/
Use cookie authentication without ASP.NET Core Identity
https://learn.microsoft.com/en-us/aspnet/core/security/authentication/cookie?view=aspnetcore-5.0
Customising ASP.Net Identity in Blazor server side
https://mvc.tech/blog/blazoridentityuser/
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(86.4, 28.000000000000004%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ES%3C/text%3E%3C/svg%3E)
