Hangfire Dashboard Authorization Config Not working

Asked 11/8, 2016 at 8:6 Answered 1/10, 2016 at 6:32

I've downloaded the nu-get package Hangfire.Dashboard.Authorization

I'm trying configure the OWIN based authorization as per the docs as follows but I get intellisense error DashboardOptions.AuthorizationFilters is obsolete please use Authorization property instead

I also get intellisense error The type or namespace AuthorizationFilter and ClaimsBasedAuthorizationFilterd not be found

using Hangfire.Dashboard;
using Hangfire.SqlServer;
using Owin;
using System;

namespace MyApp
{
    public class Hangfire
    {
       public static void ConfigureHangfire(IAppBuilder app)
        {
           GlobalConfiguration.Configuration
           .UseSqlServerStorage(
               "ApplicationDbContext",
                new SqlServerStorageOptions 
                  { QueuePollInterval = TimeSpan.FromSeconds(1) });

           var options = new DashboardOptions
           {
               AuthorizationFilters = new[]
               {
                  new AuthorizationFilter { Users = "admin, superuser", Roles = "advanced" },
                  new ClaimsBasedAuthorizationFilter("name", "value")
               }
           };

           app.UseHangfireDashboard("/hangfire", options);
           app.UseHangfireServer();
        }
    }
}

* UPDATE *

Since the above nuget package doesnt work I've attempted to create my own custom filter:

public class HangfireAuthorizationFilter : IAuthorizationFilter
{
    public bool Authorize(IDictionary<string, object> owinEnvironment)
    {
        // In case you need an OWIN context, use the next line,
        // `OwinContext` class is the part of the `Microsoft.Owin` package.
        var context = new OwinContext(owinEnvironment);

        // Allow all authenticated users to see the Dashboard (potentially dangerous).
        return context.Authentication.User.Identity.IsAuthenticated;
    }
}

How do I restrict to only Admin roles i.e what is the syntax?

Deiform answered 11/8, 2016 at 8:6 Comment(3)

Which version of HF you are using? Also please show the namespaces you have imported in the class. – Hockey 11/8, 2016 at 8:18

@Hockey Hangfire core is 1.6.1 and the Hangfire.Dashborad.Authorization is 2.1.0. I've updated the post to show namespaces. – Deiform 11/8, 2016 at 8:25

Can you help me suggest something for similar situation for .net 4.8? I need to add azure ad group (ms entra group) for dashboard access – Linen 1/5 at 5:58

You need to make sure the Configure(app) method is called in your Startup.cs class before configuring your hangfire dashboard.

  public partial class Startup
{
    private static readonly ILog log = 
        LogManager.GetLogger(System.Reflection.MethodBase.GetCurrentMethod
    ().DeclaringType);


    public void Configuration(IAppBuilder app)
    {

        //Hangfire Config
        GlobalConfiguration.Configuration.UseSqlServerStorage
            ("HangFireJobs");
        app.UseHangfireServer();

        log.Debug("Application Started");

        ConfigureAuth(app);


        //this call placement is important
        var options = new DashboardOptions
        {
            Authorization = new[] { new CustomAuthorizationFilter() }
        };
        app.UseHangfireDashboard("/hangfire", options);
    }
}

Then in your auth config class you can do something as simple as this :

  public class CustomAuthorizationFilter : IDashboardAuthorizationFilter
{ 

    public bool Authorize(DashboardContext context)
    {
        if (HttpContext.Current.User.IsInRole("Admin"))
        {
            return true; 
        }

        return false; 
    }
}

Apocarpous answered 1/10, 2016 at 6:32 Comment(6)

Great answer! Thanks! – Edward 24/2, 2017 at 10:4

1000% thank you for this simple answer! It's the simple things. – Antifouling 7/5, 2020 at 1:34

Thanks. This approach easy to use. Please make sure to use the above answer before the endpoints.MapHangfireDashboard(); endpoint configuration – Copal 30/10, 2020 at 7:24

@frank that was it for me, "order matters"! – Ubiety 24/8, 2021 at 14:37

Or just return HttpContext.Current.User.IsInRole("Admin"); – Winston 26/10, 2023 at 23:19

Can you help me suggest something for similar situation for .net 4.8? I need to add azure ad group (ms entra group) for dashboard access – Linen 1/5 at 5:59

Defining the dashboard options in this way worked for me -

    var options = new DashboardOptions
    {
        AuthorizationFilters = new List<IAuthorizationFilter>
       {
          new Hangfire.Dashboard.AuthorizationFilter { Users = "admin, superuser", Roles = "advanced" },
          new Hangfire.Dashboard.ClaimsBasedAuthorizationFilter("name", "value")
       }
    };

I have imported the following namespaces -

using System;
using Owin;
using Hangfire;
using Hangfire.Dashboard;
using System.Collections.Generic;
using Hangfire.SqlServer;

Yes it is showing me the deprecated warning for AuthorizationFilters and suggest to use Authorization, basically the IAuthorizationFilter interface is going to removed in version 2.0, and IDashboardAuthorizationFilter interface has to be used.

For this you can create your own custom filter implementing IDashboardAuthorizationFilter and use this instead.

public class MyAuthorizationFilter : IDashboardAuthorizationFilter
{
    public bool Authorize(DashboardContext context)
    {
        //Implement

        //Netcore example
        return dashboardContext.GetHttpContext().User.Identity.IsAuthenticated;
    }
}

Hockey answered 11/8, 2016 at 9:51 Comment(2)

I still get error The type or namespace AuthorizationFilter does not exist in the namespace Hangfire.Dashboard. I've used the same namespaces as yourself? Looks like this package is out of date. – Deiform 11/8, 2016 at 19:36

I've implemented my own filter but how do I restrict to only admin roles - see my edit above? – Deiform 11/8, 2016 at 21:22

Recommended topics

Hot tags