I am attempting to create a Blazor Server application that will secure pages based on two separate security roles, Admins and Users. All accounts will be assigned to one of these roles, but never both. Some pages will be accessible to only Admins, while others will be accessible to both roles.
I have noticed that when I assign both roles to a page's Access property, the page does not show up in the PanelMenu after login. The page can be accessed if you manually enter the page URL in the browser.
The @attribute [Authorize(Roles="")] directive appears to allow the page to be accessed if the logged in account is a member of one on the assigned roles while your SecurityService.IsInRole() implementation appears to require that the logged in account is a member of all of the assigned roles.
Hi, I've just recently updated to 2.51.2 and the IsInRole method is still not functioning correctly when multiple roles are assigned to a page. Using AD security.
I created 2 new simple Blazor projects, 1 using Default security, and the other using AD security. The Default has your code(+), but the AD still shows the original code I posted. No ignore list in use. I've also updated to 2.51.3.
What could cause my install to generate differently than expected?