ASP.NET OWIN UseCookieAuthentication Logs User Out After Sign In

I have a need to do manual cookie authentication. As I use OWIN with UseCookieAuthentication middleware, it is not that hard except when I had no idea what is actually required.

I know I had to create a ClaimsIdentity and I will need AuthenticationProperties object. Supplying both of them successfully created the cookie, but when I went to a different page, the authentication failed and the application kicked me out to the login page. The following is my initial problematic code in the authentication handler:
Dim claims As New List(Of Claim)
claims.Add(New Claim(ClaimTypes.NameIdentifier, user.Username))
Dim claimsIdentity As New ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationType)
context.GetOwinContext().Authentication.SignIn(New AuthenticationProperties With {
    .ExpiresUtc = expiration
}, claimsIdentity)

For my basic requirement, apparently there are required claims. In my case, I'm missing the Name claim. Adding the following claim solves my issue:
claims.Add(New Claim(ClaimTypes.Name, user.Name))
As of now, I'm still not sure why it is necessary and haven't had time to look it up. But a quick read on ClaimsIdentity reveal that NameClaimType is necessary.


My final code thus becomes:

Dim claims As New List(Of Claim)
claims.Add(New Claim(ClaimTypes.NameIdentifier, user.Username))
claims.Add(New Claim(ClaimTypes.Name, user.Name))
Dim claimsIdentity As New ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationType)
context.GetOwinContext().Authentication.SignIn(New AuthenticationProperties With {
    .ExpiresUtc = expiration
}, claimsIdentity)

Comments

Post a Comment

Popular posts from this blog

Sentinel One Strikes Again. No internet connection. Uninstall Sentinel One Agent.

This happened to a co-worker of mine a while back when his test application file was marked as suspicious by Sentinel One antivirus and had his internet on his laptop disabled. Today, it happened to me without any suspicious file. Probably suspicious activity, who knows. On Microsoft Edge, it says "Hmmm... your Internet access is blocked.", "Firewall or antivirus software may have blocked the connection", and "ERR_NETWORK_ACCESS_DENIED". So, I worked with my IT to uninstall the agent, but uninstalling is not without a fight. Here are the steps that I took: Since it is a Windows 11 machine with Bitlocker, I have to first get the Bitlocker key. From command prompt run: manage-bde -protectors -get C: After I verified it is the same key that the IT has, I saved the key outside of the machine. Then go to system configuration by searching for "sysconfig" or run msconfig. Under "boot" tab, check the "Safe boot" option, then click ...
Read more

A2 Hosting Let's Encrypt Can't Install Certificate on ASP.NET Core Application

I have an ASP.NET Core app hosted by A2 Hosting. A2 Hosting provides free SSL certificate through Let's Encrypt, so I decided to install it for my application. Since the portal is by Plesk, I follow the guide in: https://support.plesk.com/hc/en-us/articles/115000165013 However, it didn't work as expected. My application still has a web.config file. After trying different ways, I commented out aspNetCore module in the web.config and then the certificate was installed successfully. By commenting the module, ASP.NET Core processing by IIS is disabled, so the validation request by Let's Encrypt is treated like a regular request towards a static file.
Read more

NuGet Package Reference NU6105 Publish Error

Some of my .NET Core applications are already using PackageReference which is a very nice idea. However, through a combination of packages, Visual Studio did not allow me to publish my project although it built fine. During publish, it threw error on NU6105 warning. Along with that most of it comes with the following message: Detected package downgrade Some developers solve it by finding which package caused the issue and manually added them through NuGet, but I find them troublesome until I found the following article: https://docs.microsoft.com/en-us/nuget/reference/errors-and-warnings/nu1605 In my case, all I need to do to solve it is to install the following NuGet package:  Microsoft.NETCore.Targets
Read more