Share via

Will Blazor Server ever work with Windows Authentication?

Falanga, Rod, DOH 190 Reputation points
2024-09-04T15:16:15.0266667+00:00

Where I work all applications must use Windows Authentication. No exceptions.

I am learning Blazor using .NET 8. I had hoped that I could use Windows Authentication with the Blazor Server App template. I am aware of the fact that Microsoft advises against using Windows Authentication in a Blazor WebAssembly application, because of that I want to use the Blazor Server App template. So, I'm not going to use a Blazor WebAssembly template, even with the Blazor Web App template. Yet, Visual Studio 2022 still doesn't allow me to use Windows Authentication with when specify server only.

So, here are my questions. Will Microsoft ever allow developers to use a Blazor Server app with Windows Authentication either now or in the future? Or is it the case that if I have to use Windows Authentication, then I have to give up on using Blazor?

Blazor
Blazor
A free and open-source web framework that enables developers to create web apps using C# and HTML being developed by Microsoft.
1,584 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. JasonPan - MSFT 5,796 Reputation points Microsoft Vendor
    2024-09-05T07:24:43.4833333+00:00

    Hi @Falanga, Rod, DOH,

    Currently, when you create a Blazor Web App template in VS2022, Windows Authentication is not supported when you select the authentication method. Like below.

    User's image

    If we want this feature, we can submit a new feature ticket on GitHub.

    User's image

    **
    Workaround

    I followed the official documentation (adding Windows Authentication in asp.net Core) and tried to add Windows Authentication to the Blazor Web App.

    1. Add Microsoft.AspNetCore.Authentication.Negotiate package.
    2. Add below code in Program.cs 
         // Add services to the container.
   builder.Services.AddAuthentication(NegotiateDefaults.AuthenticationScheme)
      .AddNegotiate();
   builder.Services.AddAuthorization(options =>
   {
       // By default, all incoming requests will be authorized according to the default policy.
       options.FallbackPolicy = options.DefaultPolicy;
   });
      Full Code 
         using BlazorWebApp.Components;
   using Microsoft.AspNetCore.Authentication.Negotiate;
   var builder = WebApplication.CreateBuilder(args);
   // Add services to the container.
   builder.Services.AddAuthentication(NegotiateDefaults.AuthenticationScheme)
      .AddNegotiate();
   builder.Services.AddAuthorization(options =>
   {
       // By default, all incoming requests will be authorized according to the default policy.
       options.FallbackPolicy = options.DefaultPolicy;
   });
   // Add services to the container.
   builder.Services.AddRazorComponents()
       .AddInteractiveServerComponents();
   var app = builder.Build();
   // Configure the HTTP request pipeline.
   if (!app.Environment.IsDevelopment())
   {
       app.UseExceptionHandler("/Error", createScopeForErrors: true);
       // The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
       app.UseHsts();
   }
   app.UseHttpsRedirection();
   app.UseStaticFiles();
   app.UseAntiforgery();
   app.MapRazorComponents<App>()
       .AddInteractiveServerRenderMode();
   app.Run();
    3. Change _Imports.razor code like. 
         @using System.Net.Http
   @using System.Net.Http.Json
   @* Add these 2 line *@
   @using Microsoft.AspNetCore.Authorization
   @using Microsoft.AspNetCore.Components.Authorization
   @using Microsoft.AspNetCore.Components.Forms
   @using Microsoft.AspNetCore.Components.Routing
   @using Microsoft.AspNetCore.Components.Web
   @using static Microsoft.AspNetCore.Components.Web.RenderMode
   @using Microsoft.AspNetCore.Components.Web.Virtualization
   @using Microsoft.JSInterop
   @using BlazorWebApp
   @using BlazorWebApp.Components
    4. Change Routes.razor code like. 
         @* <Router AppAssembly="typeof(Program).Assembly">
       <Found Context="routeData">
           <RouteView RouteData="routeData" DefaultLayout="typeof(Layout.MainLayout)" />
           <FocusOnNavigate RouteData="routeData" Selector="h1" />
       </Found>
   </Router>
    *@
   <CascadingAuthenticationState>
       <Router AppAssembly="typeof(Program).Assembly">
           <Found Context="routeData">
               <!-- Using AuthorizeRouteView instead of RouteView-->
               <AuthorizeRouteView RouteData="routeData" DefaultLayout="typeof(Layout.MainLayout)" />
               <FocusOnNavigate RouteData="routeData" Selector="h1" />
           </Found>
           <NotFound>
               <PageTitle>Not found</PageTitle>
               <LayoutView Layout="typeof(Layout.MainLayout)">
                   <p role="alert">Sorry, there's nothing at this address.</p>
               </LayoutView>
           </NotFound>
       </Router>
   </CascadingAuthenticationState>
    5. LoginDisplay.razor and MainLayout.razor. User's image
    6. Test Result User's image

    Concerns and potential risks.

    Because AuthorizeRouteView is used to replace RouteView, the above workaround may be incompatible in some scenarios, so it is recommended that the official release of the latest template.

    If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    Best regards,

    Jason

    1 person found this answer helpful.
    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.