'Cookie authentication - Always redirect to login Page
I tried to use the sample code from github Cookie Authentication and integrate it with Active directory Authentication but I cant seem to make it run properly. Instead I alway get redirected to my login page. Please see my code below. Am I messing something?
Program.cs
var builder = WebApplication.CreateBuilder(args);
var CookieScheme = "YourSchemeName";
// Add services to the container.
builder.Services.AddControllersWithViews();
builder.Services.AddSession();
builder.Services.AddAuthentication("YourSchemeName") // Sets the default scheme to cookies
.AddCookie(CookieScheme, options =>
{
options.AccessDeniedPath = "/account/denied";
options.LoginPath = "/account/login";
});
builder.Services.AddSingleton<IConfigureOptions<CookieAuthenticationOptions>, ConfigureMyCookie>();
var app = builder.Build();
// Configure the HTTP request pipeline.
if (!app.Environment.IsDevelopment())
{
app.UseExceptionHandler("/Home/Error");
// The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
app.UseHsts();
}
app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseSession();
app.UseRouting();
app.UseAuthentication();
app.UseAuthorization();
app.MapControllerRoute(
name: "default",
pattern: "{controller=Home}/{action=Index}/{id?}");
app.Run();
ConfigureMyCookie.cs
namespace AuthSamples.Cookies
{
internal class ConfigureMyCookie : IConfigureNamedOptions<CookieAuthenticationOptions>
{
public ConfigureMyCookie()
{
}
public void Configure(string name, CookieAuthenticationOptions options)
{
}
public void Configure(CookieAuthenticationOptions options)
=> Configure(Options.DefaultName, options);
}
}
AccountController.cs
namespace AuthSamples.Cookies.Controllers
{
public class AccountController : Controller
{
[HttpGet]
public IActionResult Login(string returnUrl = null)
{
ViewData["ReturnUrl"] = returnUrl;
return View();
}
[HttpPost]
public IActionResult Login(string userName, string password, string returnUrl = null)
{
ViewData["ReturnUrl"] = returnUrl;
if (ValidateLogin(userName, password))
{
var claims = new List<Claim>
{
new Claim("user", userName),
new Claim("role", "Member")
};
HttpContext.SignInAsync(new ClaimsPrincipal(new ClaimsIdentity(claims, "Cookies", "user", "role")));
if (Url.IsLocalUrl(returnUrl))
{
return Redirect(returnUrl);
}
else
{
return Redirect("/");
}
}
return View();
}
private bool ValidateLogin(string userName, string password)
{
// For this sample, all logins are successful.
string domainName = "SampleAD.local";
string userDn = $"{userName}@{domainName}";
try
{
using (var connection = new LdapConnection { SecureSocketLayer = false })
{
connection.Connect(domainName, LdapConnection.DEFAULT_PORT);
connection.Bind(userDn, password);
if (connection.Bound)
return true;
}
}
catch (LdapException ex)
{
// Log exception
}
return false;
}
public IActionResult AccessDenied(string returnUrl = null)
{
//return View();
return RedirectToAction("~/Home/login");
}
public async Task<IActionResult> Logout()
{
await HttpContext.SignOutAsync();
return Redirect("/");
}
}
}
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|