Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Hangfire Dashboard Authentication

See original GitHub issue

Hello,

Just trying to get the Hangfire dashboard functioning with Abp permissions.

i declared the Authorization Filter in a seperate class in my web project.

namespace Portal.Web
{
    public class HangfireAuthorizationFilter : IDashboardAuthorizationFilter
    {
        public bool Authorize(DashboardContext context)
        {
            using (var permissionChecker = IocManager.Instance.ResolveAsDisposable<IPermissionChecker>())
            {
                return permissionChecker.Object.IsGranted(PermissionNames.Pages);
            }
        }
    }
}

and then call the filter in the Startup class of the web project

app.UseHangfireDashboard("/Tools/BackgroundJobs", new DashboardOptions
            {
                Authorization = new[] { new HangfireAuthorizationFilter() }
            });

The problem i have is that the Authorize filter always returns false. If i manually change the method to

return permissionChecker.Object.IsGranted(1,PermissionNames.Pages);

Where 1 is the userId of a valid user that has that permission granted, it works fine.

Im not too sure where it pulls the user information from for this PermissionChecker, but when i put a breakpoint in the Authorize method i can see AbpSession is a property of PermissionChecker, but all the values are set to null, even though i am logged in.

Any suggestions as to what could be causing this?

I am running Abp v0.10.3 Thanks

Issue Analytics

State:
Created 7 years ago
Comments:8 (8 by maintainers)

Top GitHub Comments

1reaction

tjackadamscommented, Aug 17, 2016

@hikalkan Yeah i have moved the UserHangFireDashboard after UseCookieAuthentication and i can confirm it works as expected now. I will make use of the new class when its available. Many Thanks!

0reactions

hikalkancommented, Aug 17, 2016

BTW, I added an AbpHangfireAuthorizationFilter class to Abp.HangFire nuget package: https://github.com/aspnetboilerplate/aspnetboilerplate/commit/e4c61d670a9814eb23ef543510cc56c91915aafa Will be available in the next release.

Top Results From Across the Web

Using Dashboard UI

Configuring Authorization¶. Hangfire Dashboard exposes sensitive information about your background jobs, including method names and serialized arguments as well ...

Securing Hangfire Dashboard in ASP.NET Core with a ...

Securing Hangfire Dashboard in ASP.NET Core with a Custom Auth Policy · Step 1 - Initial Setup · Step 2 - Adding a...

HangfireIO/Hangfire.Dashboard.Authorization

Basic authentication. Note: If you are using basic authentication together with OWIN security, configure Hangfire BEFORE OWIN security configuration.

Hangfire.Dashboard.Basic.Authentication 7.0.1

Authentication is a re-usable Hangfire Basic Authentication filter that can be easily imported and configured in your project. It provides a quick and...

ASP.NET Core MVC Hangfire custom authentication

To add custom basic authentication in hangfire for asp.net core. Use Hangfire.Dashboard.Basic.Authentication nuget package.