Active Directory does not work after deployment

sludd85$ 1 Reputation point
2021-09-30T16:38:07.087+00:00

I followed this tutorial: https://learn.microsoft.com/en-us/azure/active-directory/develop/tutorial-v2-asp-webapp to add sign in to microsoft to my web app. All worked fine when running in IIS Express through Visual Studio. However after publishing and deploying to an IIS Express website the AAD Authentication no longer works,

This statement In Home Controller.vb:

       If Not Request.IsAuthenticated Then  
            HttpContext.GetOwinContext().Authentication.Challenge(New AuthenticationProperties With {  
            .RedirectUri = "/"  
        }, OpenIdConnectAuthenticationDefaults.AuthenticationType)   

does nothing except to simply reload the home page

There are no errors and nothing appears in the logs in my Azure Account.

is there something I am missing from the deployment?

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
21,469 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Tomlinson,J,John,TNK4A R 1 Reputation point
    2022-02-03T14:19:12.307+00:00

    I obviously don't know if this will fix your issue but it did fix ours, which was very similar by the look of it. We had used the exact same worked example to incorporate Azure AD into our existing web site. All worked fine locally. When publish to a separate server we could only have one user log in. When that user logged out no one else could get through the Azure AD authentication - the authentication became stuck in a loop.

    Eventually I found this article:

    https://blogs.aaddevsup.xyz/2019/11/infinite-sign-in-loop-between-mvc-application-and-azure-ad/

    Under the heading "Resolving the issue" about one third of the way down, it talks about updating to ASP.NET Core and making sure you were using Microsoft.Owin.Host.SystemWeb version 3.1.0.0. Updating to ASP.Net Core is out of the question and our Owin systemweb was v4.2. So I applied the fix:

    In our original code, which was based the above Microsoft example , there is a StartUp class with a Configuration method. The method had the line:

    app.UseCookieAuthentication(new CookieAuthenticationOptions);

    This was clearly using the default Cookie Authentication Options. Applying the fix from the article this line now looks like:

    app.UseCookieAuthentication(new CookieAuthenticationOptions
    {
    AuthenticationType = "Cookies",
    CookieManager = new Microsoft.Owin.Host.SystemWeb.SystemWebChunkingCookieManager()
    });

    This updated line is replacing whatever was the previous default CookieManager with the Microsoft.Owin.Host.Systemweb cookie manager.

    With that change our issue was fixed.

    Thanks.

    JT

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.