Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Asp.Net Identity - Setting CookieDomain at runtime

Tags:

authentication

asp.net

claims-based-identity

How can I set the CookieDOmain in the CookieAuthenticationOptions at runtime if i want to pull this value from the Request.Url or from some settings stored in my database?

I want to support sub-domains, but also support multi-tenants too which each have different domains.

At the moment this is configured I don't have access to either of these.

Paul

like image 200
Paul Hinett Avatar asked Apr 10 '14 13:04

Paul Hinett

People also ask

What is AspNet identity?

ASP.NET Identity is Microsoft's user management library for ASP.NET. It includes functionality such as password hashing, password validation, user storage, and claims management. It usually also comes with some basic authentication, bringing its own cookies and multi-factor authentication to the party.

What is Microsoft AspNet identity Owin?

Microsoft.AspNet.Identity.OWIN. This package contains functionality that is used to plug in OWIN authentication with ASP.NET Identity in ASP.NET applications. This is used when you add sign in functionality to your application and call into OWIN Cookie Authentication middleware to generate a cookie.

1 Answers

You can assign your own cookie provider:

CookieAuthProvider myProvider = new CookieAuthProvider();
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
   AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
   LoginPath = new PathString("/Account/Login"),
   Provider = myProvider
});

Either implement your own, or simply inherit from the existing provider:

public class CookieAuthProvider : CookieAuthenticationProvider
{
    public override void ResponseSignIn(CookieResponseSignInContext context)
    {
      //Alter you cookie options
      //context.CookieOptions.Domain  =  "www...";      
      base.ResponseSignIn(context);
    }
 }

And implement ResponseSignIn, it is called when an endpoint has provided sign in information before it is converted into a cookie. By implementing this method the claims and extra information that go into the ticket may be altered.

You'll be passed a CookieResponseSignInContext, which exposes CookieOptions property that can be replaced or altered during the ResponseSignIn call.

Code references from Katana project:

  • ICookieAuthenticationProvider

  • CookieResponseSignInContext

  • CookieAuthenticationHandler

like image 157
MK. Avatar answered Sep 18 '22 21:09

MK.
Sign in to Comment

Related questions

How do I control the format MembershipUser.ResetPassword()
ASP.NET User Control Property Value Options In Designer Mode
Graphics object to image file
How to get server domain name
asp.net application default file Index.aspx
Using google maps without API Keys?
how many instances of SqlConnection should I use
ASP.Net: User control with content area, it's clearly possible but I need some details
ASP.Net : Need to run javascript on update panel load completed
How can I assign a value to a Html.Hiddenfor from jQuery/ JavaScript?
How to remove or compress your asp.net viewstate
How connect to SQL Server Compact 4.0 in ASP.NET?
Query From LDAP for User Groups
Accessing HttpContext in a class library - ASP.NET MVC
How to add properties to anonymous object dynamically? [duplicate]
How can I get the parameters from url
Method invocation is skipped in C#?
Read an XML file from http address
how to find control in edit item template?
How do you include JavaScript in MasterPage?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!