7e14b052ea
* Add AccessDeniedPath support to the OIDC/OAuth2/Twitter providers * Update the code documentation and remove an unnecessary call to SignOutAsync() * Introduce a new AccessDenied event and move most of the access denied handling logic to RemoteAuthenticationHandler * Add ReturnUrlParameter support to RemoteAuthenticationHandler * Remove AccessDeniedException and introduce RemoteAuthenticationHandler.HandleAccessDeniedErrorAsync() * Use OriginalPath instead of Request.Path * Update obsolete code comments * Add unit tests for the new AccessDenied event * Allow customizing the access denied path/return URL/return URL parameter from the AccessDenied event |
||
|---|---|---|
| .vsts-pipelines/builds | ||
| benchmarks/Microsoft.AspNetCore.Security.Performance | ||
| build | ||
| samples | ||
| shared/Microsoft.AspNetCore.ChunkingCookieManager.Sources | ||
| src | ||
| test | ||
| .appveyor.yml | ||
| .gitattributes | ||
| .gitignore | ||
| .travis.yml | ||
| CONTRIBUTING.md | ||
| Directory.Build.props | ||
| Directory.Build.targets | ||
| LICENSE.txt | ||
| NuGet.config | ||
| NuGetPackageVerifier.json | ||
| README.md | ||
| Security.sln | ||
| build.cmd | ||
| build.sh | ||
| korebuild-lock.txt | ||
| korebuild.json | ||
| run.cmd | ||
| run.ps1 | ||
| run.sh | ||
| version.props | ||
README.md
ASP.NET Security
AppVeyor:
Travis: 
Contains the security and authorization middlewares for ASP.NET Core.
A list of community projects related to authentication and security for ASP.NET Core are listed in the documentation.
Notes
ASP.NET Security will not include Basic Authentication middleware due to its potential insecurity and performance problems. If you host under IIS you can enable it via IIS configuration.
This project is part of ASP.NET Core. You can find samples, documentation and getting started instructions for ASP.NET Core at the Home repo.