I have two applications. The first is an ASP.NET 4 MVC application that requires authentication. The second is an application that will handle authentication and set a cookie to authenticate forms.
In the authorization application, I call
FormsAuthentication.SetAuthCookie(username, false);
and then I make a simple Response.Redirect back to my MVC application.
In an MVC application, I create my own filter, which inherits from AuthorizeFilter. In the OnAuthorization method, I was going to decrypt the cookie and get some additional user data from an authorized user.
My problem is that
HttpContext.Current.Request.Cookies
there is nothing in it. I checked the violinist and the authentication application correctly sets the cookie, and the MVC application receives the cookie, but when it gets into my filter, there is nothing there.
My web.config in both applications has the same setup:
<forms
name=".ASPXFORMSAUTH"
protection="All"
path="/"
timeout="30"
enableCrossAppRedirects="true"
domain="localhost"/>
And I have a setting with the same machine key to be able to decrypt the cookie. The problem is that I do not see any cookie in my OnAuthorization method in my MVC filter.
Both applications are currently running on my local IIS instance.
source
share