stackoom
  简体   繁体   中英

OWIN Cookie authentication not working on IIS 8.5

 原文  2016-09-23 13:08:00       c#/ asp.net/ iis/ cookies/ owin

Question

I have developed an ASP.NET webapp with OWIN authentication, which works fine on my development machine (Windows 10/IIS 10), but when the webapp is published to my Windows 2012 server with IIS 8.5, the cookie authentication does not seem te work.

When I login (with the IsPersistent setting to true) and close the browser, I am still logged on when I start my browser again, so that's OK. But when I restart IIS and startup the browser, I have to logon again.

I have created a very simple application to test this, with the following code:

Startup.cs 

public void ConfigureAuthentication(IAppBuilder app)
    {
        app.UseCookieAuthentication(new CookieAuthenticationOptions
        {
            AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
            LoginPath = new PathString("/Login"),
            CookieName = "ThisIsTheAuthCookie"
        });
    }

AuthenticationController.cs 

public ActionResult Login(string userName, string password)
    {
        //For testing purposes every user/pwd is fine
        var identity = new ClaimsIdentity(new [] { new Claim(ClaimTypes.Name, userName), },
            DefaultAuthenticationTypes.ApplicationCookie,
            ClaimTypes.Name, ClaimTypes.Role);

        HttpContext.GetOwinContext().Authentication.SignIn(new AuthenticationProperties { IsPersistent = true }, identity);

        return RedirectToAction("index", "home");
    }

Even Chrome shows the cookie, but it looks like OWIN is not using it on IIS 8.5: 在此输入图像描述

Does anybody have an idea what the problem is?

Thx, Danny

3 answers

solution1
 0  2016-09-23 21:31:05

Can you try a couple of things and share the results :- 1. Restart the IIS , keeping the User-Agent. See if you are logged in now. 2. Enable logging in Katana and check for this warning/error in the logs.

solution2
 0  2016-09-28 06:41:31

Any result on this already?

For me it looks like you have the cookie with the session ID available but the IIS server is not aware anymore on this session. Are you sure you persist the session on the IIS server? (and not 'In Process')

You can find the option under Session State in the IIS configuration. See TechNet Article IIS

solution3
 0 ACCPTED  2016-10-03 22:02:58

The problem is solved. I had to add the MachineKey element in the web.config!

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Cookie persistence not working in OWIN authentication OWIN Cookie Authentication Authentication not working in subdirectories of Wordpress blog installed in IIS8.5 Share OWIN Authentication Cookie across two domains connected with one IIS application Denying users in windows authentication IIS 8.5 How does an OWIN authentication cookie actually authenticate .NET OWIN Authentication - Cookie + Windows (active directory) Owin cookie authentication occasionally throws NullReferenceException Owin use external forms authentication cookie MVC Owin Cookie Authentication - Override ReturnUrl Generation
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM