I am completely new to OWIN, and this problem was the main blocker for me.
Basically, in my MVC application, I have a class at startup:
public partial class Startup { public void ConfigureAuth(IAppBuilder app) { app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType); app.UseCookieAuthentication(new CookieAuthenticationOptions()); app.UseOpenIdConnectAuthentication( new OpenIdConnectAuthenticationOptions { ClientId = OfficeSettings.ClientId, Authority = OfficeSettings.Authority, TokenValidationParameters = new System.IdentityModel.Tokens.TokenValidationParameters() { RoleClaimType = "roles" }, Notifications = new OpenIdConnectAuthenticationNotifications() { AuthorizationCodeReceived = (context) => { // code hidden for readability if(HttpContext.Current.Session == null) { // It null. Why is that? } var session = HttpContext.Current.Session; if (session["myMockSession"] != null) { // Do stuff... } }, RedirectToIdentityProvider = (context) => { // code hidden for readability }, AuthenticationFailed = (context) => { // code hidden for readability } } });
I do not understand why, when I am debugging, that the session is null. The HttpContext.Current property is not. Are there any restrictions with Session + OWIN? Is there any workaround? How to approach him?
Lateral note 1: I tried to add this piece of code that I found in one of the SO questions, and Session was still null:
app.Use((context, next) => { // Depending on the handler the request gets mapped to, session might not be enabled. Force it on. HttpContextBase httpContext = context.Get<HttpContextBase>(typeof(HttpContextBase).FullName); httpContext.SetSessionStateBehavior(SessionStateBehavior.Required); return next(); });
Side Note 2: I don't seem to be looking for this anymore, but someone suggested in one of the SO questions to add empty Session_Start and Session_End methods (as empty methods) to Global.asax. That didn't work either.
I welcome any advice. Thanks!
Aurometal
source share