Virtual Directory CallbackPath about pysco68.owin.authentication.ntlm HOT 6 CLOSED

Nevermind, I seem to have resolved this issue. I was setting my CookieAuthenticationOptions like so:

new CookieAuthenticationOptions()
{
    AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
    LoginPath = new PathString("/account/login"),
    Provider = new CookieAuthenticationProvider()
    {
        OnApplyRedirect = ctx =>
        {
            if (!ctx.Request.IsNtlmAuthenticationCallback())
            {
                ctx.Response.Redirect(ctx.RedirectUri);
            }
        }
    }
}

The problem seemed to be specifying the LoginPath. When I removed this option, everything worked correctly. Perhaps it's a cross-origin type issue related to specifying the CallbackPath PathString with the virtual directory (i.e. /<appname>/authentication/ntlm-signin), whereas the LoginPath did not contain the virtual directory (i.e. /account/login).

from pysco68.owin.authentication.ntlm.

A follow up on this issue and how I actually ended up resolving it... Since I specified a CallbackPath in the NtlmAuthenticationOptions I also needed to call IsNtlmAuthenticationCallback with the redirectPath overload in the following manner:

OnApplyRedirect = ctx =>
{
    if (!ctx.Request.IsNtlmAuthenticationCallback(CallbackPath))
    {
        ctx.Response.Redirect(ctx.RedirectUri);
    }
}

If CallbackPath is not specified then IsNtlmAuthenticationCallback makes the comparison using the NtlmAuthenticationOptions.DefaultRedirectPath (/authentication/ntlm-signin), which does not work for an app under a virtual directory (/<virtual_directory>/authentication/ntlm-signin).

This could be a helpful tip to add to the documentation for those running apps under virtual directories.

from pysco68.owin.authentication.ntlm.

It sure would be helpful, I'll try to take care of this asap!

Thank you very much for the follow-up!

from pysco68.owin.authentication.ntlm.

Added note: 901c8c7

from pysco68.owin.authentication.ntlm.

I'm having this same issue, but when I drop LoginPath from UseCookieAuthentication then it doesn't attempt to log the user in.

from pysco68.owin.authentication.ntlm.

Finally figured out how to do this and it should work dynamically....

    public void Configuration(IAppBuilder app)
    {
        var urlHelper = new UrlHelper(HttpContext.Current.Request.RequestContext);

        app.SetDefaultSignInAsAuthenticationType(DefaultAuthenticationTypes.ApplicationCookie);

        app.UseCookieAuthentication(new CookieAuthenticationOptions
        {
            AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
            LoginPath = new PathString("/Login"),
            Provider = new CookieAuthenticationProvider()
            {
                OnApplyRedirect = ctx =>
                {
                    if (!ctx.Request.IsNtlmAuthenticationCallback(new PathString(urlHelper.Action("authentication", "ntlm-signin"))))
                    {
                        ctx.Response.Redirect(ctx.RedirectUri);
                    }
                }
            }
        });

        app.UseNtlmAuthentication(new NtlmAuthenticationOptions()
        {
            CallbackPath = new PathString(urlHelper.Action("authentication", "ntlm-signin"))
        });
    }

from pysco68.owin.authentication.ntlm.