I run my enterprise applications on IIS, so I benefit from Windows authentication. Using ServiceStack Auth it works great, because only authenticated users reach my applications and applications only need to determine the authorization with assigned user’s roles from a database table.
Following the ServiceStack recommendations, I am trying to migrate my applications to use ASP.NET Core Identity, However, I need to use ASP.NET Core Identity ONLY for determining the user’s roles. I am unable to find out how to do this, as authentication seems to be implicit (i.e. hardwired).
Any suggestions how to combine windows authentication with ASP.NET Core Identity authorization for ServiceStack 8.4 applications?
You would need to use ASP .NET Authentication APIs and libraries when configuring Windows Auth as ServiceStack no longer has control on how Auth is configured.
Googling around it looks like you’re able to configure Windows Auth users with Custom Roles using a custom IClaimsTransformation:
I wouldn’t use Identity Auth tables for this as that’s designed to support EF Credential Identity Auth users, I’d just have a custom table with Windows Auth User and Role.