Greetings.
Simple app, lots of data entry protected by default security.
We think of having a "Search" page that is open to anyone (i.e. anonymous users not going through the login process at all) to allow read access to some of the data.
Naturally, the 1st error at the console is:
ERROR Error: Uncaught (in promise): Error: Cannot match any routes. URL Segment: 'login'
Error: Cannot match any routes. URL Segment: 'login'
and it goes on fromt here. All data asource methods are also "401 (Unauthorized)" .
Anything we could try to have this "open page" accessible?
This "OPEN" SEARCH Page is marked for access with "Everybody".
All the rest are marked for access only by the Role that has rights to them.
Thery are also "hidden" behind teh login page where access is granted based on the roles.
The SEARCH is not supposed to require any authentication, so it is marked for access by everybody.
I can navigate to it (there is a route in app.routes.ts) but it does not respond to anything since, as yoou said, all data source methods ARE decorated with the authorize attribute.
So the original question is still valid?
How can I make teh SEARCH page accessible to everybody?
Should I try creating distinct data sourcer methods that are not decortated with Authorize? How would we do that?
Well, I was going by the Security Help Article that says:
"By default OData controllers are not decorated with [Authorize] attribute. You can decorate them using partial class etc., etc."...
And since I did nothing intenttional to "decorate" them so I was looking for some insight/issue. I assume that when default security is enabled they are all decorated by default now?
And I should use partial classes to "undecorate" the ones I need for free access?
Thanks! Important info here. And a corollary question:
IIRC, from some previous thread - may be outdated now - , the session refresh interval is not reset if one is working, it will end the session at the specified time always.
Any obvious way we can logout the authenticated user immediately if he closes the browser?