owin – Page 4 – Tarik Billa

Dependency injecting UserStore in OWIN startup using Ninject OWIN middleware

August 18, 2023 by Tarik

For info: It is possible to register the kernel as a singleton so that the same kernel can be used by the ninject middleware and also registered within the owin context. public static StandardKernel CreateKernel() { if (_kernel == null) { _kernel = new StandardKernel(); _kernel.Bind<IHttpModule>().To<HttpApplicationInitializationHttpModule>(); _kernel.Load(Assembly.GetExecutingAssembly(), Assembly.Load(“Super.CompositionRoot”)); } return _kernel; } The callback function … Read more

Internet Explorer 11 replaces Authorization header

August 17, 2023 by Tarik

We had a problem where Internet Explorer was caching credentials. We could fix the problem by using the following script: document.execCommand(‘ClearAuthenticationCache’, ‘false’); see: Wikipedia

How do I ignore the Identity Framework magic and just use the OWIN auth middleware to get the claims I seek?

August 17, 2023 by Tarik

Use the following code to setup OWIN security middlewares: app.UseCookieAuthentication(new CookieAuthenticationOptions { AuthenticationType = “Application”, AuthenticationMode = AuthenticationMode.Passive, LoginPath = new PathString(“/Login”), LogoutPath = new PathString(“/Logout”), }); app.SetDefaultSignInAsAuthenticationType(“External”); app.UseCookieAuthentication(new CookieAuthenticationOptions { AuthenticationType = “External”, AuthenticationMode = AuthenticationMode.Passive, CookieName = CookieAuthenticationDefaults.CookiePrefix + “External”, ExpireTimeSpan = TimeSpan.FromMinutes(5), }); app.UseGoogleAuthentication(); The code above sets up application cookie, external … Read more

Global exception handling in OWIN middleware

August 16, 2023 by Tarik

Ok, so this was easier than anticipated, thanks for @Khalid for the heads up, I have ended up creating an owin middleware named OwinExceptionHandlerMiddleware which is dedicated for handling any exception happening in any Owin Middleware (logging it and manipulating the response before returning it to the client). You need to register this middleware as … Read more

Unhandled Exception Global Handler for OWIN / Katana?

August 16, 2023 by Tarik

Try writing a custom middleware and placing it as the first middleware: public class GlobalExceptionMiddleware : OwinMiddleware { public GlobalExceptionMiddleware(OwinMiddleware next) : base(next) {} public override async Task Invoke(IOwinContext context) { try { await Next.Invoke(context); } catch(Exception ex) { // your handling logic } } } Place it as the first middleware: public class Startup … Read more

What is the difference in the use of UserStore and UserManager in ASP.NET Identity?

August 15, 2023 by Tarik

Things are quite complicated there and could have been easier. UserManger is the … manager. It does not really interact with the storage, the database. That’s what the UserStore does. In fact UserManager has a constructor which needs a UserStore. Why would you have to different object to manage users? Well, the main reason is … Read more

OWIN and Katana, why decouple the application from the server?

August 10, 2023 by Tarik

Your question is valid. You are probably mostly thinking of web facing web servers. Serving HTML (or json or websockets) can be used for so much more. I use Nancy instead of IIS because I have a small application that I only want to reach from the inside while IIS is outward facing. Also – … Read more

Login page on different domain

August 8, 2023 by Tarik

public class Startup { public void Configuration(IAppBuilder app) { app.UseCookieAuthentication(new CookieAuthenticationOptions { AuthenticationMode = AuthenticationMode.Active, LoginPath = new PathString(“/account/login”), LogoutPath = new PathString(“/account/logout”), Provider = new CookieAuthenticationProvider { OnApplyRedirect = ApplyRedirect }, }); } private static void ApplyRedirect(CookieApplyRedirectContext context) { Uri absoluteUri; if (Uri.TryCreate(context.RedirectUri, UriKind.Absolute, out absoluteUri)) { var path = PathString.FromUriComponent(absoluteUri); if (path == … Read more

OWIN – Authentication.SignOut() doesn’t seem to remove the cookie

July 26, 2023 by Tarik

I had a similar problem for the past few days. Instead of Request.GetOwinContext().Authentication.authenticationManager.SignOut(); Use ONE(and only one) of these: Request.GetOwinContext().Authentication.SignOut(); Request.GetOwinContext().Authentication.SignOut(Microsoft.AspNet.Identity.DefaultAuthenticationTypes.ApplicationCookie); HttpContext.Current.GetOwinContext().Authentication.SignOut(Microsoft.AspNet.Identity.DefaultAuthenticationTypes.ApplicationCookie); This article explains why your cookies don’t get deleted: https://dzone.com/articles/catching-systemwebowin-cookie I know my answer isn’t the most research-based, but to tell you the truth, I just couldn’t find WHY my provided code examples … Read more

Does new ASP.NET MVC identity framework work without Entity Framework and SQL Server?

July 25, 2023 by Tarik

Not that simple. Not that hard either. You’ll have to write your custom implementation of: IUserStore<TUser> IUserPasswordStore<TUser> IUserTwoFactorStore<TUser> IUserClaimStore<TUser> IRoleStore<TRole> IUserSecurityStampStore<TUser, string> IUserRoleStore<TUser, string> UserManager<TUser> Then create your own user implementation, from IUser<TKey>, like: public class MyUser : IUser<string> { public string Id { get; set; } public string UserName { get; set; } } … Read more