5

I am trying to integrate my web service to authenticate using Azure AD. The response from Azure AD varies each time. When i open my site in firefox normal browser, the IsAuthenticated as true.

IsAuthenticatedAsTrue

Opening in a private browser, the IsAuthenticated is false.

IsAuthenticatedAsFalse

The only difference i can see is, the IsAuthenticated true is from ClaimsIdentity and IsAuthenticated false is from GenericIdentity.

The following is my startup.auth code.

public partial class Startup
{
    private static string clientId = ConfigurationManager.AppSettings["ClientId"];
    private static string aadInstance = ConfigurationManager.AppSettings["AADInstance"];
    private static string tenantId = ConfigurationManager.AppSettings["TenantId"];
    private static string postLogoutRedirectUri = ConfigurationManager.AppSettings["PostLogoutRedirectUri"];
    private static string authority = aadInstance + tenantId;

    public void ConfigureAuth(IAppBuilder app)
    {
        app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);

        app.UseCookieAuthentication(new CookieAuthenticationOptions());

        app.UseOpenIdConnectAuthentication(
            new OpenIdConnectAuthenticationOptions
            {
                ClientId = clientId,
                Authority = authority,
                PostLogoutRedirectUri = postLogoutRedirectUri
            });
    }
}

The following is my code to send the authentication request to AzureAD

    public void LoginUsingAzure()
    {
        HttpContext.GetOwinContext().Authentication.Challenge(new AuthenticationProperties { RedirectUri = "/" },
                OpenIdConnectAuthenticationDefaults.AuthenticationType);
    }
abatishchev
  • 98,240
  • 88
  • 296
  • 433
Dinesh M
  • 1,026
  • 8
  • 23
  • Are you saying that you opened a private window and then didn't sign in? Because the private window does not share sessions with the other window. – juunas Jan 12 '17 at 17:48
  • this issue is also reproduced in normal window. after logging in to my site in normal browser, then clearing the cache and cookies in the browser, and when i try to login again, i face this issue. this issue reproduces in all the browsers. Is there anything i need to configure in Azure AD portal ? – Dinesh M Jan 18 '17 at 07:13
  • By clearing the cookies aren't you also clearing the ASP.NET authentication cookie? Isn't it a bit expected that it would then say you are not authenticated? The GenericIdentity being there just means you have not authenticated yet. – juunas Jan 18 '17 at 07:25
  • after clearing my cookies and reloading the page, i was redirected to the office 365 login page, and i was asked to sign in again. after signing in successfully, the page redirects to my site login page, where i can notice the isauthenticated is set to false. i cant able to login again once i cleared my cookies. – Dinesh M Jan 18 '17 at 08:54

2 Answers2

1

This issue was fixed. The reason for this issue is dependency problem. Found the answer in the below stackoverflow link.

ASP.NET_SessionId + OWIN Cookies do not send to browser

Installing Kentor.OwinCookieSaver -Version 1.1.0 nuget package, solved my issue.

abatishchev
  • 98,240
  • 88
  • 296
  • 433
Dinesh M
  • 1,026
  • 8
  • 23
0

I am trying to reproduce this issue however failed. I am testing the web app using version 50.1.0 with clean installation.

To fix this issue, I suggest that you re-install the Firefox with this version.

Here is the test figure for your reference:

enter image description here

Fei Xue
  • 14,369
  • 1
  • 19
  • 27
  • I reinstalled my firefox, and am using 51.0.13 version. but i still face this issue. Can i know, what type of authentication do you use ? is it openid or oauth? – Dinesh M Jan 13 '17 at 12:48
  • I was testing [this code sample](https://github.com/Azure-Samples/active-directory-dotnet-webapp-openidconnect) using the openId connect. – Fei Xue Jan 17 '17 at 07:24
  • I can still reproduce my issue. I have used the same code sample for implementation. after logging in to my site, then clearing the cache and cookies in the browser, and when i try to login again, i face this issue. Is there anything i need to configure in Azure AD portal ? – Dinesh M Jan 18 '17 at 07:11