I have 2 web applications.
The first web application contains ASP.NET web pages and used a Membership provider for authentication.
The second web application is strictly an OData WEB API site that requires authentication.
Both sites have the same "machineKey validationKey / decryptionKey" in the web config and both are using "Forms" authentication with the same "forms name of .TESTAUTH"
When I call the OData service and inspect the IDentity for both the thread and httpcontext they are both empty for the name and isauthenticated.
So how do I get the OData to recognize the .TESTAUTH cookie?
EDIT:
Well here is what I did. It doesn't seem right but if someone knows a better way please let me know.
dbContext.BuildingRequest += AddCookie;
private void AddCookie(object sender, Microsoft.OData.Client.BuildingRequestEventArgs e)
{
var authCookie = HttpContext.Current.Request.Cookies(".TESTAUTH");
e.Headers.Add("Cookie", ".TESTAUTH=" + authCookie.Value);
}
Here is what I did to solve the problem.
dbContext.BuildingRequest += AddCookie;
private void AddCookie(object sender, Microsoft.OData.Client.BuildingRequestEventArgs e)
{
var authCookie = HttpContext.Current.Request.Cookies(".TESTAUTH");
e.Headers.Add("Cookie", ".TESTAUTH=" + authCookie.Value);
}