-
Notifications
You must be signed in to change notification settings - Fork 2.1k
IsAuthenticated is false when moved to the IIS server with Azure AD .Net Core 2.1 #8700
Comments
Works perfectly on my local machine but when moved to server it returns false. My Configure Services method looks like this
And my Configure Method looks like this
|
Thanks for contacting us, @sandillio. |
@Tratcher I believe this is all yours |
Can you share a Fiddler trace of the scenario? |
Where are you calling IsAuthenticated? |
@Tratcher Here is the Fillder Trace |
@Tratcher This is how I am signing in |
Please upload the fiddler trace file rather than a screenshot. You can send it to the e-mail in my profile if you don't want it to be public. I expect your problem is with the Wreply option, that shouldn't point to a page in your app, but to a url handled directly by the middleware.. Use CallbackPath instead of wreply. @mkArtakMSFT feel free to transfer this to the Security repo. |
Confirmed, your Wreply is wrong. Use CallbackPath instead as described in the doc above. |
@Tratcher So I have removed Wreply and added callback path but now I am getting the error saying the reply URL is not matching. .AddWsFederation(WsFederationDefaults.AuthenticationScheme, options => |
CallbackPath should not reference a page in your app, it should be a dedicated endpoint like the default value "/signin-wsfed". The auth middleware will handle requests to this path. |
@Tratcher So I have changed my CallBackPath = "/AzureADDemo", my Reply Urls in AzureAD as "https://mydomain/AzureADDemo" since this is the endpoint referring to Wreply and I still get reply url not matching error. Please correct me as I am going wrong and having difficulty understanding this ADD. |
What's the exact error and where do you get it? That doesn't sound like an ASP.NET error, is it coming from AAD? |
Yes that’s the error from ADD.
…On Thu, Nov 8, 2018 at 5:22 PM Chris Ross ***@***.***> wrote:
and I still get reply url not matching error.
What's the exact error and where do you get it? That doesn't sound like an
ASP.NET error, is it coming from AAD?
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#8700 (comment)>, or mute
the thread
<https://github.com/notifications/unsubscribe-auth/AeZW0L-8DuQ1z9vT0qJe9abJUPt9YKbGks5utK6sgaJpZM4YVC_D>
.
|
You're going to need to work that out with AAD. The only advice I can give is that you need to be very careful of the value, AAD has been known to require exact matches, even case sensitive. |
Thanks @Tratcher. Closing this as there is no more action to be taken here from our side. |
@Tratcher Sorry for posting late, but got it working. my solution is, I change the reply url in Azure to be as http://mydomain/yourappname/signin-wsfed and my configureServices method to be as below. public void ConfigureServices(IServiceCollection services)
|
Remove |
Is this a Bug or Feature request?:
Steps to reproduce (preferably a link to a GitHub repo with a repro project):
Description of the problem:
Version of
Microsoft.AspNetCore.Mvc
orMicrosoft.AspNetCore.App
orMicrosoft.AspNetCore.All
:The text was updated successfully, but these errors were encountered: