I am using OWIN-MixedAuth to authenticate website users. Running it locally with VS2015 on a Win10 mahine everything is fine. Deploying it to the productive Windows 2008 R2 server within an AD domain the User.Identity isn't a ClaimsIdentity, it is a WindowsIdentity missing the NameIdentifier claim and GetuserId returns null.
In Startup.Auth.cs I set the following cookie options. The login path points to "account/windowslogin" as recommended here.
var cookieOptions = new CookieAuthenticationOptions {
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString(ConfigurationManager.AppSettings["LoginPath"]),
Provider = new CookieAuthenticationProvider {
OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<ApplicationUserManager, IdentityUser, Guid>(
TimeSpan.FromMinutes(30),
async (manager, user) => await user.GenerateUserIdentityAsync(manager),
(id) => new Guid(id.GetUserId())),
}
};
Any ideas why IIS 7.5 is acting differently here?
Cheers Bernd
