OWIN - setting UserManager

Question

OWIN - setting UserManager

I had to configure the UserManager class to search and authenticate users in the company structure (mixes Active Directory authentication with another Oracle Authetication). Although I implemented FindAsync and CreateIdentityAsync , the user is not set as authenticated.

My UserManager implementation:

 using System; using System.Collections.Generic; using System.Dynamic; using System.Security.Claims; using System.Web; using MyProject.Common; using MyProject.Models; using Microsoft.AspNet.Identity; using System.Threading.Tasks; namespace MyProject.Infrastructure { public class GNUserManager : UserManager<ApplicationUser> { public GNUserManager(IUserStore<ApplicationUser> store) : base(store) { } public override async Task<ApplicationUser> FindAsync(string userName, string password) { /* Performs some logic here that returns true */ if (foundUser) { return await Task.Run(() => new ApplicationUser { UserName = userName, Id = userName }); } throw new Exception("User not found."); } public override async Task<ClaimsIdentity> CreateIdentityAsync(ApplicationUser user, string authenticationType) { IList<Claim> claimCollection = new List<Claim> { new Claim(ClaimTypes.Name, user.UserName), new Claim(ClaimTypes.Country, "Brazil"), new Claim(ClaimTypes.Email, user.UserName) }; var claimsIdentity = new ClaimsIdentity(claimCollection, "Company Portal"); return await Task.Run(() => claimsIdentity); } } }

What is missing to authenticate my user?

+7

c # asp.net-mvc owin

Cigano morrison mendez Feb 14 '14 at 17:24

source share

4 answers

user3475140 · Answer 1 · 2014-03-29T06:51:32+0000

Try changing this line.

  var claimsIdentity = new ClaimsIdentity(claimCollection, "Company Portal");

For this

 var claimsIdentity = new ClaimsIdentity(claimCollection, DefaultAuthenticationTypes.ApplicationCookie);

This should generate your cookie for you that you need.

Brock allen · Answer 2 · 2014-02-14T22:15:04+0000

UserManager manages the user ID in the database, and also validates credentials. In short, it is a DB search tool. To force the user to enter your application, you need to specify some kind of token (for example, a cookie for browser applications or a token for api applications). The most recent approach in ASP.NET is with cookie authentication middleware for browser applications. See here for more information about cookie middleware:

http://brockallen.com/2013/10/24/a-primer-on-owin-cookie-authentication-middleware-for-the-asp-net-developer/

iuristona · Answer 3 · 2014-02-19T22:55:49+0000

Looking at the SignIn method created by the default ASP.NET MVC 5 project, we can see this code:

 private async Task SignInAsync(ApplicationUser user, bool isPersistent) { AuthenticationManager.SignOut(DefaultAuthenticationTypes.ExternalCookie); var identity = await UserManager.CreateIdentityAsync(user, DefaultAuthenticationTypes.ApplicationCookie); AuthenticationManager.SignIn(new AuthenticationProperties() { IsPersistent = isPersistent }, identity); }

What we can notice is that the AuthenticationManager , which is the one who cares about the authentication sign, after we get the identifier, is also needed to log in using the AuthenticationManager . Therefore, perhaps your problem is not related to UserManager .

The AuthenticationManager instance in the Controller class is retrieved using this code:

 private IAuthenticationManager AuthenticationManager { get { return HttpContext.GetOwinContext().Authentication; } }

Mike · Answer 4 · 2015-04-16T20:37:25+0000

Oracle Data Provider for .NET does not currently support asynchronous querying and persistence.

OWIN - setting UserManager

More articles: