search

IdentityServer / IdentityServer3

OpenID Connect Provider and OAuth 2.0 Authorization Server Framework for ASP.NET 4.x/Katana
https://identityserver.github.io/Documentation/
Apache License 2.0
2.01k stars 763 forks source link

idsrv.partial cookie randomly not issued #3839

Closed pekkah closed 7 years ago

pekkah commented 7 years ago

Question / Issue

We have a setup with username/password login combination and a two factor authentication implemented as MVC view. We issue partial login on PostAuthenticateAsync(PostAuthenticationContext context). We're now randomly facing a issue where the idsrv.partial login cookie is not issued or disappears so when GetIdentityServerPartialLoginAsync is called the return value is null. This issue seems to disappear upon IIS reset but comes back on fresh start of the application.

This issue seems to have appeared upon changing the .NET framework target to 4.6.1.

brockallen commented 7 years ago

Sounds like the perennial OWIN/Katana vs. ASP.NET cookie problem. I think you will have to do more investigation to repro consistently.

pekkah commented 7 years ago

It seems so. Katana 3.1.0 seems to allow changing the cookie manager implementation also providing few implementations like the system.web based one. You open for PR extending the cookieoptions to allow changing the default one?

brockallen commented 7 years ago

We're no longer accepting PRs -- This repository is no longer in active development or maintenance, other than reported security vulnerabilities.

If you have questions and are seeking free support, see here for more details.

If you require commercial support, see here for more details.