How to use multiple authentication schemes? #405
Comments
Hi, quick question: what do you want to happen when a user is not authenticated? Should your application challenge them to present a cookie or to log in via Kerberos? Or is it dependent on which route they have tried to access?
Depending on the route (intranet or external), the application will either ask the user to sign in, if they don't have a valid cookie or JWT, or automagically sign them in using a Kerberos negotiate challenge.
In this case you have two options how to accomplish it:
Either way, you'll have to write a fairly simple logic yourself where you check an incoming HTTP request to have one of your accepted authentication methods and then validate that scheme accordingly.
Agreed, I think that would be a pretty common use case to want to support multiple auth schemes.
Further to this it would be nice to support using Example for challenge:
I need two different authentication schemes in one application. Some users are logged in via Kerberos using Negotiate, and some are authenticated using CookieAuthentication. If I set `AuthenticationOptions.DefaultScheme <- "Negotiate"`, CookieAuthentication stops working (explicitly calling `challenge "Cookies"`) and vice versa.

In C# there is an attribute `[Authorize(AuthenticationSchemes ="Cookies")]` which supposedly does the trick. I'm guessing the Giraffe equivalent should be `requireAuthentication (challenge "Cookies")`, without having looked at the C# code.
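
Added example, not part of the original thread or of Giraffe's own code: one way to write the per-route check discussed above, where each route authenticates against a named scheme explicitly instead of relying on `AuthenticationOptions.DefaultScheme`. The helper `requireScheme`, the handler `whoAmI` and the `/intranet` and `/external` paths are hypothetical; it assumes both the "Negotiate" and "Cookies" schemes are registered with `AddAuthentication` and that the `task` builder is in scope (F# 6 or later, or `open FSharp.Control.Tasks` on older Giraffe versions).

```fsharp
open Microsoft.AspNetCore.Authentication
open Microsoft.AspNetCore.Http
open Giraffe

// Hypothetical helper: authenticate the request against one named scheme,
// independent of AuthenticationOptions.DefaultScheme.
let requireScheme (scheme : string) : HttpHandler =
    fun (next : HttpFunc) (ctx : HttpContext) ->
        task {
            // Run the named scheme's handler explicitly. The authentication
            // middleware only fills ctx.User from the default scheme, so a
            // check on ctx.User alone would ignore the other scheme.
            let! result = ctx.AuthenticateAsync(scheme)
            if result.Succeeded then
                // Expose the identity validated by this scheme to later handlers.
                ctx.User <- result.Principal
                return! next ctx
            else
                // No valid credential for this scheme: send its challenge and
                // stop the pipeline so the protected handler never runs.
                do! ctx.ChallengeAsync(scheme)
                return Some ctx
        }

// Hypothetical protected handler that reports which identity was accepted.
let whoAmI : HttpHandler =
    fun next ctx ->
        text (sprintf "Signed in as %s" ctx.User.Identity.Name) next ctx

let webApp : HttpHandler =
    choose [
        // Intranet routes accept only Kerberos via the Negotiate scheme.
        subRoute "/intranet" (requireScheme "Negotiate" >=> whoAmI)
        // External routes accept only the cookie scheme.
        subRoute "/external" (requireScheme "Cookies" >=> whoAmI)
    ]
```

Because each branch names its scheme, a cookie issued for external users is not accepted on the intranet routes, and the value of `DefaultScheme` no longer decides which challenge a route sends.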