1

We are implementing Azure AD Authentication in ASP.NET MVC 5 using Open ID Connect. When the application was running on premise we had windows Authentication, so there is no login page or Login button.

We have put [Authorize] attribute to all the controllers so that the user is authenticated before accessing the page. Below is the code in start up Auth.

    app.UseKentorOwinCookieSaver();
        app.UseCookieAuthentication(new CookieAuthenticationOptions
        {
            AuthenticationType = "Cookies",
            CookieManager = new Microsoft.Owin.Host.SystemWeb.SystemWebChunkingCookieManager()
        });
        app.UseOpenIdConnectAuthentication(
            new OpenIdConnectAuthenticationOptions
            {
                ClientId = clientId,
                Authority = authority,
                PostLogoutRedirectUri = postLogoutRedirectUri,
                RedirectUri = RedirectUri,
                ResponseType = OpenIdConnectResponseType.Code,
                Notifications = new OpenIdConnectAuthenticationNotifications()
                {

                    AuthenticationFailed = (context) => {
                        context.HandleResponse();
                        return Task.FromResult(0);
                    }
                }

            });

But we are facing the Infinite loop once the user is authenticated. And I tried all the solutions on internet, but my issue is not solved.

https://stackoverflow.com/a/37666371/55775

https://github.com/Sustainsys/owin-cookie-saver

https://github.com/aspnet/AspNetKatana/wiki/System.Web-response-cookie-integration-issues

ASP.NET_SessionId + OWIN Cookies do not send to browser

asp.net mvc azure AAD authentication infinite loop

Nayana Setty
  • 1,001
  • 1
  • 12
  • 34
  • I recall solving it once by creating a controller action that matched the reply URL with AllowAnonymous on it.. This stuff is a lot easier in Core :/ – juunas Jan 01 '20 at 10:14

0 Answers0