We are launching the classic asp web application and want it to work with the newly developed MVC application. We want to use authentication of a classic asp application in an MVC application.
The idea is that when a user logs in to a classic asp application, he will issue a kind of cookie, the cookie will be encrypted in our own method. A cookie will contain a usage identifier.
The client then views the MVC application with this cookie. The MVC application checks for the presence and confirmation of a cookie. It does not redirect to the classic asp login page.
So, I'm going to set up OWIN cookie authentication to use my own authentication logic. I tried to implement CookieAuthenicationProvider, but I do not know where to put my logic.
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/Account/Login"),
CookieName = ".classicauth",
CookieSecure = CookieSecureOption.SameAsRequest,
CookieHttpOnly = true,
Provider = new CookieAuthenticationProvider
{
OnValidateIdentity = context => {
context.RejectIdentity();
return Task.FromResult<int>(0);
},
OnApplyRedirect = context => {
context.Response.Redirect("classic_asp_login_url");
}
}
});
CookieAuthenticationProvider has an OnValidateIdentity property, however, it does not seem to be the right place to retrieve a cookie and validate it.
Thank. Jason
source
share