I published web site to IIS on Windows 10. If I try login to website through forms by url http://localhost, I can access to system. But If I try login by url http://10.0.0.101 , then after login User.Identity.IsAuthenticated is false and User is IGenericPrincipal instead of expected IMyPrincipal. Web is written in MVC5.
Pat of codes:
...login
FormsAuthenticationTicket authTicketF = new FormsAuthenticationTicket(1, user.Username, DateTime.Now, DateTime.Now.AddMinutes(60), false, userData);
string encTicketF = FormsAuthentication.Encrypt(authTicketF);
HttpCookie faCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encTicketF) { Secure = true };
Response.Cookies.Add(faCookie);
...BaseController
protected override void OnAuthorization(AuthorizationContext filterContext)
{
base.OnAuthorization(filterContext);
if (User == null || !User.Identity.IsAuthenticated)
{
filterContext.RequestContext.HttpContext.Response.Redirect("/Login", true);
}
}
Solution, in this case website is running only on HTTP not HTTPS. I had to changed Secure attribute to false.
HttpCookie faCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encTicketF) { Secure = false };
Now it's working.