Access Denied After Successful Member Login

2025/09/23 2:52 PM

Hello everyone 👋, I hope you're all doing well.


I'm working on implementing the "Requires Authentication" page feature in my XbyK project, but I'm running into an issue I can't seem to resolve.

I'm logging in a user (Member) using the following code, and everything seems to work fine — signInResult.Succeeded returns true, and User.Identity is not null:

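// The fourth argument is lockoutOnFailure; false means failed attempts do not count toward lockout.
SignInResult signInResult = await signInManager.PasswordSignInAsync(response.EmailAddress, response.Password, rememberMe, false);
if (!signInResult.Succeeded)
    // Keep the password out of the exception message: exception text ends up in logs and error pages.
    throw new Exception($"Unable to sign in the user: {response.EmailAddress}");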

However, after the user logs in successfully, any page that requires authentication still returns an Access Denied error. I can confirm the proper roles are assigned to the member.

Here's how I'm configuring Identity and authentication in Program.cs:

static void ConfigureMembershipServices(IServiceCollection services)
{
    services.Configure<AdminIdentityOptions>(options =>
    {
        options.AuthenticationOptions.ExpireTimeSpan = TimeSpan.FromHours(12);
    });

    services.AddIdentity<ExtendedApplicationUser, NoOpApplicationRole>(options =>
    {
        options.Password.RequireDigit = false;
        options.Password.RequireNonAlphanumeric = false;
        options.Password.RequiredLength = 8;
        options.Password.RequireUppercase = false;
        options.Password.RequireLowercase = false;
        options.Password.RequiredUniqueChars = 0;
        options.SignIn.RequireConfirmedAccount = false;
    })
    .AddUserStore<ApplicationUserStore<ExtendedApplicationUser>>()
    .AddRoleStore<NoOpApplicationRoleStore>()
    .AddUserManager<UserManager<ExtendedApplicationUser>>()
    .AddSignInManager<SignInManager<ExtendedApplicationUser>>();

    services.ConfigureApplicationCookie(options =>
    {
        options.ExpireTimeSpan = TimeSpan.FromDays(14);
        options.SlidingExpiration = true;
        options.AccessDeniedPath = new PathString("/error/403");
        options.Cookie.IsEssential = true;
        options.Cookie.Name = "project.auth";
    });

    services.AddAuthorization();
}

Has anyone encountered this behavior before? Could it be related to authorization policies, or something else in the pipeline?

Any insights or suggestions would be greatly appreciated 🙏

Environment

  • Xperience by Kentico version: [30.9.0]

  • .NET version: [8]

  • Execution environment: [Private cloud (Azure/AWS/Virtual machine)]

Tags:
v30.9.0

Answers

2025/09/23 3:15 PM
  1. How does your sign-in method end?
  2. If you open your browser dev tools and check "Preserve log", do you see a response from the server that has a Set-Cookie response header after your authentication request succeeds?
  3. What is the cookie name in the response? It should match your CookieAuthenticationOptions.Cookie.Name value.
  4. How are you requiring authentication checks for pages in your code?
  5. Are you performing any authorization?
  6. What does your ASP.NET Core middleware pipeline look like?
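
Checks 2 and 3 above can be run against Set-Cookie values copied from the dev tools network tab. The script below is an added example, not part of the original thread and not Kentico or ASP.NET Core code; it goes beyond the name check to cover other reasons a browser would not send the cookie back. The function names and sample header values are constructed for illustration; only the cookie name `project.auth` comes from the question.

```python
from datetime import datetime, timezone
from email.utils import parsedate_to_datetime

EXPECTED_NAME = "project.auth"  # Cookie.Name from the question's ConfigureApplicationCookie

def parse_set_cookie(header_value):
    """Split one Set-Cookie header value into (name, value, lower-cased attributes)."""
    first, *rest = [part.strip() for part in header_value.split(";")]
    name, _, value = first.partition("=")
    attrs = {}
    for part in rest:
        if part:
            key, _, val = part.partition("=")
            attrs[key.strip().lower()] = val.strip()
    return name.strip(), value.strip(), attrs

def path_matches(cookie_path, request_path):
    """Path-match rule from RFC 6265, section 5.1.4."""
    if request_path == cookie_path:
        return True
    return request_path.startswith(cookie_path) and (
        cookie_path.endswith("/") or request_path[len(cookie_path)] == "/")

def diagnose(set_cookie_headers, scheme, request_path, now, expected=EXPECTED_NAME):
    """Return reasons the browser would not send the auth cookie on the next request."""
    parsed = [parse_set_cookie(h) for h in set_cookie_headers]
    matches = [(v, a) for n, v, a in parsed if n == expected]
    if not matches:
        seen = ", ".join(n for n, _, _ in parsed) or "none"
        return [f"no Set-Cookie named {expected!r} (names seen: {seen})"]
    value, attrs = matches[-1]  # a later header with the same name overwrites an earlier one
    problems = []
    if not value:
        problems.append("cookie value is empty (this is a deletion, not a sign-in)")
    if "expires" in attrs and parsedate_to_datetime(attrs["expires"]) <= now:
        problems.append("cookie is already expired")
    if "secure" in attrs and scheme != "https":
        problems.append("Secure cookie will not be sent over plain HTTP")
    # Assumption: a missing Path attribute is treated as "/" to keep the example short.
    if not path_matches(attrs.get("path", "/"), request_path):
        problems.append(f"cookie path {attrs['path']!r} does not cover {request_path!r}")
    return problems

# Constructed sample headers (not captured from a real site).
NOW = datetime(2025, 9, 23, 14, 52, tzinfo=timezone.utc)
SAMPLE_OK = ["project.auth=CfDJ8EXAMPLE; expires=Tue, 07 Oct 2025 14:52:00 GMT; path=/; secure; samesite=lax; httponly"]
SAMPLE_WRONG_NAME = [".AspNetCore.Identity.Application=CfDJ8EXAMPLE; path=/; secure; httponly"]
SAMPLE_DELETED = ["project.auth=; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/"]
```

An empty result from `diagnose` means the cookie itself looks fine, which points the investigation at questions 4 to 6 (how authentication is required, authorization, and the middleware pipeline).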
