-
Notifications
You must be signed in to change notification settings - Fork 83
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
AuthorizationPolicy and AuthorizedRole not working. #378
Comments
@gerane - Sorry for not getting back sooner. This works for me on the latest 2.1 build (which should be released in a couple days) I had to use the group's ID; not the name.
I was able to login as a user that was part of the group and logging in as a user that was not part of the group showed an error since i only had one page. I will fix that experience... |
If you want to try the latest, grab it here; https://www.powershellgallery.com/packages/UniversalDashboard/2.1.0 |
Also, you check out what claims you have, you can put
When you try to load the page, it will block and then you can use |
@adamdriscoll When I try your example, I can't get it to work. I just get a white page when going to localhost:10001, and if I manually type in localhost:10001/login it lets me login with azureAD, but then redirects me to localhost:10001 with an error "Cannot read property 'url' of undefined" |
@adamdriscoll also, I get a 404 for your link |
@gerane The latest is on the PowerShell Gallery: https://www.powershellgallery.com/packages/UniversalDashboard/2.1.0 Did you check the claims in the debugger? Maybe there is something I'm missing here.... |
I have the same issue using Version 2.1.0 using your code as a template - I have added wait-debugger to the authorization policy. With -AllowHTTPForLogin I get the login screen but login keeps looping back to the login screen and never hits the Wait-debugger With a -certificate I get the error "cannot read property of 'url' of underfined" shown by @gerane. No login page appears - this is true without any Authorization policy |
This workings completely different in 2.7. Please reopen if you are still eperience this issue. |
Version: 2.0.1
I am trying to get the Authorized Roles working with AzureAD, but they are either ignored or cause errors.
Here is the basic setup.
Example Setup Gist
New-UDPage
Example 1
If I do the following, no auth is respected. All users can access everything and login.
Example 2
If I do the following using
AuthorizationPolicy
and the string name of a policy, the server errors and returns only white pages.Errors in logs
When AzureAD is challenged, the page isn't redirecting properly. Normally this would redirect to "/home", but when
AuthorizationPolicy
is used like this it redirects to a white page at "/"Then later you see there errors in the logs.
Example 3
If I do the following using
AuthorizationPolicy
and a policy object, the server has almost the same errors as above and returns only white pages.Any use of
AuthorizationPolicy
leads to the errors and white screens. The logs for this example look the same as when using the string name instead of object, except the "DashboardController Failed to evaluate authorization policy" error was not present.New-UDLoginPage
I can't seem to get any sort of Role to work with the
New-UDLoginPage
command. If I login with a user that isn't in the "APP_PSDashboard_UsersLogin_Allowed" group, they are able to login without issue.When the page is in a broken state and viewing a white page, the view source body looks like the following.
The text was updated successfully, but these errors were encountered: