AspNetCore 2.0 Claims always empty

Question

I am working on converting a DotNet 4.5 MVC/WebAPI application to AspNetCore 2.0, and I'm having some trouble getting my Cookie authentication working again. When I set the cookie and try to access a secure method, I can't get there. When I go into an anonymous method and inspect the user object, it is empty - no authentication type, no claims, etc.

I have followed this article as best I can: https://docs.microsoft.com/en-us/aspnet/core/security/authentication/cookie?tabs=aspnetcore2x. I am not using Identity.

My code in startup.cs ConfigureServices is as follows:

  services.AddAuthentication("ACE_AUTH")                    
                    .AddCookie("ACE_AUTH",  options =>
                    {
                        options.AccessDeniedPath = "/Home/Index/";
                        options.LoginPath = "/Home/Index/";
                    });

My code in the Configure method:

app.UseAuthentication();

The Principal is fully populated when this is called. Where I am setting my cookie:

 await HttpContext.SignInAsync("ACE_AUTH", samlData.Principal);

Nothing I have tried has caused my claims to show up when attempting to Authenticate the user.

Answer 1

For people not reading comments (almost read over it myself):

Joey: "What solved the issue for me was moving app.UseAuthentication above app.UseMvc. It does say that in the docs but it is well hidden."

... This works... Why it doesn't throw an Exception when you do it afterwards is behind me.