I have an ASP.net app that is using cookie authentication that passes the return URL to the my authentication controller when the cookie expires and needs revalidation. After revalidation, the controller redirects to where ever the return url parameters are as a GET. The problem is if the revalidation happens when the user does a POST, the controller will redirect to the GET function, if available, which I do not want to happen. Also, some actions send a model to the controller, on GET and POST, and when the revalidation occurs, the model is lost.
I have tried to override the provider in the Cookie Authentication Options, like this, but this only helps if there are query parameters, not model objects.
