I am working on SAML 2.0. I have forms authentication enabled in IDP. When a authentication request is made from SP to IDP, the request is authenticated using forms authentication in IDP.
IsAuthenticated is set to false in SP when i use FederatedAuthentication.SessionAuthenticationModule.WriteSessionTokenToCookie() to write a cookie but the same is set to true when i use FormsAuthentication.SetAuthCookie() to write a cookie.
What I have tried:
Following is the code that sets the cookie
<pre lang="C#"> if (Membership.ValidateUser(model.UserName, model.Password))
{
FederatedAuthentication.SessionAuthenticationModule.WriteSessionTokenToCookie(GetSecurityTokenForFormsAuthentication(model.UserName));
}
private static SessionSecurityToken GetSecurityTokenForFormsAuthentication(string user)
{
var claims = new[]
{
new Claim(ClaimTypes.Name, user)
};
var identity = new ClaimsIdentity(claims, "Forms");
var principal = new ClaimsPrincipal(identity);
return new SessionSecurityToken(principal);
}</pre>
After the cookie is set, the response is sent back to SP but the Context.IsAuthenticated is false in SP.
Whereas if i set the cookie using the following code and send the response to SP, then Context.IsAuthenticated is set true in SP
<pre lang="C#"> if (Membership.ValidateUser(model.UserName, model.Password))
{
FormsAuthentication.SetAuthCookie(model.UserName, model.RememberMe);
}</pre>
Can anyone tell me why the Context.IsAuthenticated is set false when the cookie is set using FederatedAuthentication.SessionAuthenticationModule.WriteSessionTokenToCookie?
Submit an article or tip