Using Multiple authentication scheme I am experiencing recursion

[Notamatall]

Is there an existing issue for this?

• I have searched the existing issues

Describe the bug

I have tried to configure .NET 8 application which uses multiple authentication schemas. In my case I am trying to use cookie and JWTBearer.
I have also added configuration for authentication which allows to dynamically select authentication schema. ( this is crucial to reproduce bug).
Additionally I have defined policy which uses Requirement - AuthorizationHandler which requires User to be enabled.
If Requirement is not Succeeded, request goes into recursion -> authentication -> authorization handler -> forbidden endpoint.

Expected Behavior

I expect that is should just return me 403.

Steps To Reproduce

Way to reproduce -> login with cookie -> requst GetWithCookie endpoint of ContentController.
project which repoduces

Exceptions (if any)

No response

.NET Version

8

Anything else?

No response

[mkArtakMSFT]

Thanks for contacting us. The issue appears to be is that your CookieAuthenticationOptions.LoginPath is redirecting to the page that requires authentication. You should have AllowAnonymous on that page to avoid the recursion.

[Notamatall]

Login path redirects to unauthorized which is not the case
Because we are getting forbidden

Plus both forbidden and unauthorized are not protected