Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Asp.Net Identity and cookie names

Tags:

asp.net

cookies

asp.net-identity

We have 2 applications that are both using Asp.Net Identity for security.

They have nothing to do with each other but I happen to be a developer on both projects.

I'm facing a quite annoying issue with the Cookie name. If I go to app1 and log in then to app2 and log in, I get disconnected from app1.

My wild guess is that it is because the 2 applications are sharing the same cookie name.

So for the ease of development and also because I think it is nicer I'm looking for a way to change the name of the cookie.

Any clue?

like image 697
Georges Legros Avatar asked Jul 30 '14 13:07

Georges Legros

People also ask

What is AspNet ApplicationCookie?

AspNet. ApplicationCookie basically is created when you use cookie authentication in your application. This cookie is created by the server on user request and is stored by the browser. AspNet. ApplicationCookie gets sent with each subsequent request to inform the server the identity of the logged in user.

What is CookieAuthenticationDefaults AuthenticationScheme?

AuthenticationScheme passed to AddAuthentication sets the default authentication scheme for the app. AuthenticationScheme is useful when there are multiple instances of cookie authentication and the app needs to authorize with a specific scheme. Setting the AuthenticationScheme to CookieAuthenticationDefaults.

What is cookies in ASP.NET Core?

Cookies are key-value pair collections where we can read, write and delete using key. In ASP.NET, we can access cookies using httpcontext. current but in ASP.NET Core, there is no htttpcontext.

What is ConfigureApplicationCookie?

ConfigureApplicationCookie(Cookie settings for Application) It contains setting options related to application's cookie. It has following properties. Cookie.Name. It is a name of the cookie. Default value is "AspNetCore.

1 Answers

OK, found it.

By default, VS and Identity will create a file in App_Start named Startup.Auth.cs.

This file contains the following code

app.UseCookieAuthentication(new CookieAuthenticationOptions
{
    AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
    LoginPath = new PathString("/Account/Login"),
    Provider = new CookieAuthenticationProvider
    {
        OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<ApplicationUserManager, ApplicationUser>(
            validateInterval: TimeSpan.FromMinutes(30),
            regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager))
    }
});

To fix our problem, we have to set the CookieName property of the CookieAuthenticationOptions 

CookieName = "my-very-own-cookie-name"

That's it; nothing more.

Cheers!

like image 168
Georges Legros Avatar answered Oct 11 '22 15:10

Georges Legros
Sign in to Comment

Related questions

Check if a url is reachable - Help in optimizing a Class
ASP.NET turn off FriendlyURLs mobile.master page
No connection could be made because the target machine actively refused it 127.0.0.1
how to use enum with DescriptionAttribute in asp.net mvc
How do you avoid XSS vulnerabilities in ASP.Net (MVC)?
How to open PDF file in a new tab or window instead of downloading it (using asp.net)?
Unsupported Operation. A document processed by the JRC engine cannot be opened in the C++ stack [duplicate]
Cannot insert the value NULL into column in ASP.NET MVC Entity Framework
Autofac - Make sure that the controller has a parameterless public constructor
'txtName' is not declared. It may be inaccessible due to its protection level
How to create a BaseController with a ViewBag
How do I force ASP:TextBox to be of type email?
Display Bootstrap Modal from Asp.Net Webforms
Where is index.g.cshtml
How to get language without country from CultureInfo
Columns of two related database tables in one ASP.NET GridView with EntityDataSource
Render asp.TextBox for html5 input type="date"
Crystal Report Issue with IIS - ( bobj is undefined , Crystal report not displaying )
Losing Session State with ASP.NET/SQL Server
Is there a way to "insert" a new section into Web.Config using transforms?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!