Authentication in connection and request pipelines #2808
Replies: 2 comments
-
|
Hey @SeanFeldman , try configuring error handling "global" way via app.UseExceptionHandler() NOTE: of course, we could use custom middleware class but custom middleware comes into play after auth stuff. The standard See the middleware order here: https://docs.microsoft.com/aspnet/core/fundamentals/middleware#middleware-order-1 Also this post might put some light on options how you could handle errors https://code-maze.com/global-error-handling-aspnetcore/ Hope that helps! |
Beta Was this translation helpful? Give feedback.
-
|
TLDR: This is a combination of several things that went wrong and is unrelated to YARP. If anyone reads past this point, in my case it was several things.
|
Beta Was this translation helpful? Give feedback.
Uh oh!
There was an error while loading. Please reload this page.
-
I've got a project that has authentication enabled. Authentication is working against IdentityService and is working great. Except I found an edge case when a context for authentication has an invalid state, which causes an exception to be thrown from a custom
AuthenticationHandler<T>. That exception is then bubbled up, but is never handled in the customErrorHandlingMiddleware, registered beforeapp.UseAuthentication()is called.Upon further investigation, I've learned that authentication occurs in 2 places: the connection pipeline and the request pipeline. According to my understanding, the difference is that my error-handling middleware only wraps other middleware components added to the request pipeline, not the connection pipeline. Therefore, when an exception is thrown by the ASP.NET AuthenticationMiddleware (due to an error in the custom authentication handler), the error cannot be handled by the custom error middleware.
Is it possible to
AuthenticationMiddlewarefor the connection pipeline, while keeping it for the request pipeline? orBeta Was this translation helpful? Give feedback.
All reactions