MVC 5 Redirect to Login Page Not Working with OWIN

c# asp.net-mvc-5 owin

18,372

Solution 1

I’ve created two new similar projects and was able to reproduce your error.

In the blank project, I had to install the Microsoft.Owin.Host.SystemWeb (via Nuget) and once I did this, I was getting a bunch of errors in my Startup.cs class. Ended up with this:

[assembly: OwinStartupAttribute(typeof(v2.Startup))]
namespace v2
{
    public partial class Startup
    {
        public void Configuration(IAppBuilder app)
        {
            ConfigureAuth(app);
        }

        public void ConfigureAuth(IAppBuilder app)
        {
            app.UseCookieAuthentication(new CookieAuthenticationOptions
            {
                AuthenticationType = "ApplicationCookie",
                LoginPath = new PathString("/Account/Login")
            });
        }
    }
}

In the end, I'm now capable of hitting/seeing my Login view when I call the About() method decorated with the [Authorize] attribute.

Hope this helps! Vince

Solution 2

Per ASP.NET MVC 5 Web.config: "FormsAuthenticationModule" or "FormsAuthentication"

<system.webServer>
    <modules>
      <remove name="FormsAuthentication" />
    </modules>
</system.webServer>

for extra safety I left both the "typo" handler in (in case Microsoft changes it later giving me)

<system.webServer>
    <modules>
     <remove name="FormsAuthenticationModule" />
     <remove name="FormsAuthentication" />
    </modules>
</system.webServer>

18,372

Author by

Jeff

Founder of TBD Systems

Updated on June 12, 2022

Comments

Jeff almost 2 years
I'm trying to get my head around using OWIN. I have created two MVC 5 projects. One with authentication using Aspnet.Identity and the other started as an empty project.

I added the following to the emptyp project:
- Account controller with a Login action and coresponding view
- Startup.cs and another partial Startup.cs with
```
public partial class Startup
{
        public void ConfigureAuth(IAppBuilder app)
        {
            app.UseCookieAuthentication(new CookieAuthenticationOptions
            {
                AuthenticationType = "ApplicationCookie",
                LoginPath = new PathString("/Account/Login")
            });
        }
    }
```
I have decorated the About action in the Home controller with the [Authorize] attribute in both projects.

When I run the first project and go to the About screen before logging in it redirects to the login action as expect. When I do the same for the second project I get a "HTTP Error 401.0 - Unauthorized" instead of redirecting.

Any idea what would cause the second one to behave this way?
Jeff over 10 years

thanks for spending the time to try this. I started clean again and was finally able to track down two different problems. In one project that I was trying this on I had "AuthenticationMode = AuthenticationMode.Passive" in the CookieAuthenticationOptions. This was left over from something else I was trying. In another project I forgot to call Startup.ConfigureAuth() from Startup.Configuration()! So basically two careless mistakes. I'm back on track and trying to figure out the next issue....
Zaker about 8 years

what does this line of code will do <remove name="FormsAuthentication" />
Aaron Sherman about 8 years

click on the link in my answer where it is explained. My answer had also been deleted so it was not there prior.
Alexandre over 5 years

When I accessed my site : XYZ.com I always got redirected to XYZ.com/En/Login?returnUrl=%F2. You just solved this, my provider OnApplyRedirect is now called. I wanted to intercept this call and make sure to not returnUrl on useless locations.