Base solution for your next web application
Open Closed

Federation Login ADFS Loop #1657


User avatar
0
bbakermmc created

Im trying to use the Federation Authentication and its working when the user logins in using /Account/Login. But if the user isnt logged in and hits a [AbpMvcAuthorize] tag the site doesnt redirect to /Account/Login like I would expect it to. Instead it actually takes them to the Federation Auth server, and then the user gets stuck in a ADFS redirection loop.

What am I missing?

var cookieOptions = new CookieAuthenticationOptions
            {
                //AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
                LoginPath = new PathString("/Account/Login/"),
                CookieManager = new SystemWebCookieManager()
            };
            app.UseAbp();

            app.UseKentorOwinCookieSaver();
            app.UseCookieAuthentication(cookieOptions);
            app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);

if (IsTrue("ExternalAuth.WsFederation.IsEnabled"))
            {
                app.UseWsFederationAuthentication(CreateWsFederationAuthOptions());
            }


private static WsFederationAuthenticationOptions CreateWsFederationAuthOptions()
        {
            var options = new WsFederationAuthenticationOptions
            {
                MetadataAddress = "https://fs/FederationMetadata/2007-06/FederationMetadata.xml",
                AuthenticationType = "Windows",
                Caption = "Domain",
                //localhost
                Wreply = "https://prodapp2/Account/Login/",
                Wtrealm = "https://prodapp2/Account/Login/"
            };

            return options;
        }

1 Answer(s)
  • User Avatar
    0
    ismcagdas created
    Support Team

    Hi,

    I haven't tried this but you can try this,

    When creating WsFederationAuthenticationOptions just handle AuthenticationFailed by yourself,

    Notifications = new WsFederationAuthenticationNotifications
    {
        AuthenticationFailed = notification =>
        {
            notification.HandleResponse();
            return Task.FromResult(0);
        }
    }