
ASPXAUTH cookie issue in Azure AD login


I am using the Azure AD login option for Office 365. I am using 2 separate client applications in my Azure AD for my production and development sites, like below:

production: https://[email protected] (secured site)
development: http://[email protected]:88 (not secured)

The login works fine when logging into the sites separately, but I get an error when following the steps below:

1. If I log into my production site, my development site does not work.
2. The only difference we can notice is that the .ASPXAUTH cookie has been created while logging into the production site.

Until I log out of the production site, I can't log into the development site. Please suggest a solution to fix this.

    using System.Threading.Tasks;
    using Microsoft.Owin.Security;
    using Microsoft.Owin.Security.Cookies;
    using Microsoft.Owin.Security.OpenIdConnect;
    using Owin;

    public static void ConfigureAuth(IAppBuilder app)
    {
        app.UseKentorOwinCookieSaver();
        // Default options: the cookie name is not set explicitly here.
        app.UseCookieAuthentication(new CookieAuthenticationOptions());
        app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);
        app.UseOpenIdConnectAuthentication(
            new OpenIdConnectAuthenticationOptions
            {
                ClientId = clientId,
                Authority = authority,
                PostLogoutRedirectUri = postLogoutRedirectUri,
                RedirectUri = redirectUri,
                UseTokenLifetime = false,
                Notifications = new OpenIdConnectAuthenticationNotifications
                {
                    // After the token is validated, send the user to the register page,
                    // passing the originally requested URL along as returnUrl.
                    SecurityTokenValidated = context =>
                    {
                        string returnUrl = context.AuthenticationTicket.Properties.RedirectUri;
                        context.AuthenticationTicket.Properties.RedirectUri = "/members/register?returnUrl=" + returnUrl;
                        return Task.FromResult(0);
                    },
                    // On the two listed errors, redirect back to the logon page.
                    AuthenticationFailed = context =>
                    {
                        if (context.Exception.Message.StartsWith("OICE_20004") || context.Exception.Message.Contains("IDX10311"))
                        {
                            context.SkipToNextMiddleware();
                            context.Response.Redirect("/members/logon");
                            return Task.FromResult(0);
                        }

                        return Task.FromResult(0);
                    }
                }
            });
    }

The issue I am facing is that after logging in from Office 365 it redirects to the URL below:

http://[email protected]:88/members/register?returnUrl=http://[email protected]:88/

but it needs to be redirected to http://[email protected]:88.


Solution

  • Did the web site provide any register function? It seems that the web site supports registering users who log in from Azure AD. If I understand correctly, we can rename the cookie issued by the web site via the code below to make the cookies for the two sites work separately:

    app.UseCookieAuthentication(new CookieAuthenticationOptions()
    {
        CookieName = "DevSite",
    });
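
Why a distinct cookie name separates the two sites: under RFC 6265 a browser keys a stored cookie by name, host and path, not by scheme or port, so two sites on one host share a single slot per cookie name. The following is an added example, not code from the original post; it is a simplified model of that storage rule, and the host `app.example.test`, the ticket values and the `CookieJar` class are constructed for illustration.

```javascript
// Simplified model of RFC 6265 cookie storage (host-only cookies).
// A cookie is identified by (name, host, path); scheme and port are ignored.
class CookieJar {
  constructor() { this.store = new Map(); }

  // Store a cookie set by a response from `url`.
  set(url, name, value, { secure = false, path = "/" } = {}) {
    const { hostname } = new URL(url);
    this.store.set(`${name};${hostname};${path}`, { name, value, hostname, path, secure });
  }

  // Cookies the browser would attach to a request for `url`.
  cookiesFor(url) {
    const u = new URL(url);
    const sent = {};
    for (const c of this.store.values()) {
      if (c.hostname !== u.hostname) continue;           // port is not compared
      if (!u.pathname.startsWith(c.path)) continue;
      if (c.secure && u.protocol !== "https:") continue; // Secure: HTTPS only
      sent[c.name] = c.value;
    }
    return sent;
  }
}

// Constructed sample sites: same host, different scheme and port.
const PROD = "https://app.example.test/";
const DEV = "http://app.example.test:88/";

// Both sites use the OWIN default name: one slot, the last writer wins.
function sharedName() {
  const jar = new CookieJar();
  jar.set(DEV, ".AspNet.Cookies", "dev-ticket");
  jar.set(PROD, ".AspNet.Cookies", "prod-ticket", { secure: true });
  return { dev: jar.cookiesFor(DEV), prod: jar.cookiesFor(PROD) };
}

// Development site renamed to "DevSite": each site keeps its own slot.
function distinctNames() {
  const jar = new CookieJar();
  jar.set(DEV, "DevSite", "dev-ticket");
  jar.set(PROD, ".AspNet.Cookies", "prod-ticket", { secure: true });
  return { dev: jar.cookiesFor(DEV), prod: jar.cookiesFor(PROD) };
}
```

In the second case the production request still carries the `DevSite` cookie, because the host matches; marking the production cookie `Secure` is what keeps its ticket off the plain-HTTP development site.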